Implement User Authentication and Role Management

[snehas-05]

I propose to add a User Authentication and Role Management feature to our application. This will allow users to securely register and log in, enhancing the overall security of the system. Additionally, incorporating role-based access control will enable us to manage user permissions more effectively, differentiating functionalities for admin users and regular users. This feature will not only improve data security but also personalize user experiences, making our face recognition system more robust and user-friendly.

Key Features-
Secure Registration and Login: Users can create accounts and log in securely, protecting personal data.

Role-Based Access Control: Different functionalities are available based on user roles (e.g., admin, regular user), ensuring appropriate access levels.

Profile Management: Users can manage their profiles, including updating their information and changing passwords.

Session Management: Securely maintain user sessions and automatically log out inactive users.

Enhanced Security: Implementation of password hashing and secure storage practices to protect user credentials.

[devansh-shah-11]

This is a good idea!
Assigned you the task.

[simran0809]

greeat idea

[Himani585]

"I would like to contribute to the User Authentication and Role Management feature.

Scope of Work:
User Authentication:

Implement secure login, registration, and logout functionality.
Use password encryption (e.g., bcrypt/argon2) and session management.
Support OAuth or social logins (e.g., Google, GitHub) for better user experience.
Role Management:

Implement role-based access control (RBAC) to restrict access based on roles (e.g., Admin, User).
Create APIs to assign roles and permissions dynamically.
Ensure sensitive operations (like data modifications) are available only to authorized roles.
Validation and Security Enhancements:

Protect against common attacks (SQL Injection, CSRF, XSS).
Use JWT (JSON Web Tokens) or session-based authentication mechanisms.
I am excited about this task and ready to learn and collaborate. Having a mentor assigned would help ensure best practices and guide me through any blockers.

Looking forward to contributing!"

[devansh-shah-11]

@Himani585 @snehas-05 can you collaborate on this?
We would want it to be implemented in Flask + FastAPI which our project currently uses.

[snehas-05]

Hey @devansh-shah-11 I alone can also try to add feature using technologies you are asking
As previously I have added this feature using django but @Devasy23 told me we don't want django.

[Devasy23]

Yes we won't be adding one more framework and complicate this project> Hey @devansh-shah-11 I alone can also try to add feature using technologies you are asking

As previously I have added this feature using django but @Devasy23 told me we don't want django.

[devansh-shah-11]

Ok - you can try alone as well, it's already assigned to you.
And regarding Django, we don't want to change our primary techstack and overcomplicate hence @Devasy23 advised you regarding that. He is the project admin!