🔐 Implement Optional HTTP Basic Authentication for Frontend #400

Open
wants to merge 1 commit into
base: master
@Am0stafa Am0stafa commented Oct 8, 2024

Description

This pull request introduces an optional HTTP Basic Authentication system for Perplexica. The implementation ensures a seamless authentication experience across all devices and browsers while maintaining simplicity and ease of use: a user can toggle an authentication option, and all users will then be prompted for the configured username and password.
This makes the application more private, so that when we deploy the application it can be accessible only to certain people.

Key Changes:

  1. Centralized authentication settings fetching in _app.tsx
  2. Updated SettingsDialog.tsx to include authentication toggle and credential input
  3. Implemented middleware to enforce global authentication based on stored settings
  4. Added backend API endpoints for managing authentication settings
  5. Created database schema for storing authentication configuration

Testing Instructions:

  1. Setup:

    • Ensure the backend server is running
    • Start the frontend application
  2. Enable Authentication:

    • Navigate to the settings dialog (usually accessible via a gear icon or menu)
    • Locate the "Enable Basic Authentication" toggle
    • Switch the toggle to the ON position
    • Enter a username and password in the provided fields
    • Click the "Confirm" or "Save" button
    • The page should reload, and you should be prompted to enter the credentials you just set
  3. Verify Global Authentication:

    • Open a new incognito window or different browser
    • Navigate to the application URL
    • Confirm that you're prompted for the username and password you set earlier
    • Enter the correct credentials to access the application
  4. Test Invalid Credentials:

    • Attempt to access the application with incorrect username or password
    • Verify that access is denied and the authentication prompt reappears
  5. Disable Authentication:

    • Log in to the application
    • Navigate back to the settings dialog
    • Switch the "Enable Basic Authentication" toggle to the OFF position
    • Click "Confirm" or "Save"
    • The page should reload
    • Verify that you can now access the application without being prompted for credentials
  6. Re-enable with New Credentials:

    • Go back to the settings dialog
    • Enable authentication again
    • Set a different username and password
    • Save the settings
    • Open a new incognito window or browser
    • Confirm that the new credentials are required and the old ones no longer work
  7. Cross-Device Testing:

    • If possible, try accessing the application from a different device (e.g., smartphone, tablet)
    • Verify that the authentication prompt appears and that the set credentials work across all devices
  8. Persistence After Server Restart:

    • With authentication enabled, restart both the frontend and backend servers
    • Attempt to access the application
    • Confirm that authentication is still enforced with the last set credentials
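
A sketch of the check that a middleware like the one described in key change 3 has to perform, written as an added example and not taken from this pull request's code. The `AuthSettings` shape, the function names, the realm string and the fail-closed rule for an empty stored password are all assumptions; only standard Web APIs (`atob`, `btoa`, `TextEncoder`, `TextDecoder`) are used.

```typescript
// Added example: every name here is hypothetical, not taken from the PR's diff.
interface AuthSettings { enabled: boolean; username: string; password: string }
interface Decision { status: 200 | 401; headers: Record<string, string> }

const CHALLENGE = { "WWW-Authenticate": 'Basic realm="Perplexica", charset="UTF-8"' };

// Compare without returning early at the first differing byte.
function constantTimeEqual(a: string, b: string): boolean {
  const x = new TextEncoder().encode(a);
  const y = new TextEncoder().encode(b);
  let diff = x.length ^ y.length;
  for (let i = 0; i < Math.max(x.length, y.length); i++) diff |= (x[i] ?? 0) ^ (y[i] ?? 0);
  return diff === 0;
}

// Build an Authorization value; used only to construct sample input.
function encodeBasic(user: string, pass: string): string {
  const bytes = new TextEncoder().encode(`${user}:${pass}`);
  let bin = "";
  for (let i = 0; i < bytes.length; i++) bin += String.fromCharCode(bytes[i]);
  return "Basic " + btoa(bin);
}

// Parse "Basic <base64(user:pass)>"; returns null on any malformed input.
function parseBasic(header: string | null): { user: string; pass: string } | null {
  const m = /^Basic +([A-Za-z0-9+/]+={0,2})$/i.exec(header ?? "");
  if (!m) return null;
  try {
    const bin = atob(m[1]);
    const bytes = new Uint8Array(bin.length);
    for (let i = 0; i < bin.length; i++) bytes[i] = bin.charCodeAt(i);
    const text = new TextDecoder("utf-8", { fatal: true }).decode(bytes);
    const colon = text.indexOf(":"); // only the first colon separates; passwords may contain ":"
    return colon < 0 ? null : { user: text.slice(0, colon), pass: text.slice(colon + 1) };
  } catch {
    return null; // bad base64 or invalid UTF-8
  }
}

// Decide whether a request may proceed, given the stored settings.
function checkRequest(settings: AuthSettings, header: string | null): Decision {
  if (!settings.enabled) return { status: 200, headers: {} };
  const creds = parseBasic(header);
  // Evaluate both comparisons so a wrong username costs the same as a wrong password.
  const userOk = constantTimeEqual(creds?.user ?? "", settings.username);
  const passOk = constantTimeEqual(creds?.pass ?? "", settings.password);
  // Assumption: enabled auth with an empty stored password fails closed.
  const ok = creds !== null && settings.password !== "" && userOk && passOk;
  return ok ? { status: 200, headers: {} } : { status: 401, headers: CHALLENGE };
}
```

Basic credentials travel with every request in reversible base64, so a check like this only protects a deployment that is served over TLS.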
