c61fcda705
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 1.7.3 to 2.6.1. - [Release notes](https://github.com/bitinn/node-fetch/releases) - [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/bitinn/node-fetch/compare/1.7.3...v2.6.1) Signed-off-by: dependabot[bot] <support@github.com> |
||
---|---|---|
app | ||
server | ||
.bootstraprc | ||
.eslintrc | ||
.gitignore | ||
Gruntfile.js | ||
LICENSE | ||
README.md | ||
package.json | ||
postcss.config.js |
README.md
Chronos
A school event planner and timetable
Todo
-
Migrations
-
Authentication
- Global React
user
- OID auth client
- jwt token provider
- auth is a choice between oidc and pass, sends token/pass to
/auth
for validation /auth
verifies oid token or pass, generates signed jwt- jwt taken contains user role
- hide/protect certain element
- fake validator for jwt at protected endpoints
- assume user is admin
- auth is a choice between oidc and pass, sends token/pass to
- Decide between email-validated OID or storing identity strictly
- Additional email-based auth mechanism with tokens (like asciinema)
- Redirect when not logged in
- Global React
-
Create group
-
Create one-off events
- Show event details
-
Create attachments
- Description
- File
-
Create group CCAs
- Create CCA schedules
- Differentiate CCAs from Mentor Groups
-
Create group mentor
- Importable timetables
-
Display events as agenda
-
Display events as calendar
- Drag one-time events around to modify
- Hide weekly events in month view
-
Show heatmap of the availability of the users in a group when creating an event
- This is the event planning feature
-
Create sample data
-
Create admin interface in JavaFX (requirement)
- Manage schools
- Manage users in schools
- Bulk create groups
-
Refactor toolbar mutator for homepage pagination
Security Pitfalls
- Auth mechanism not verified
- Verification of OID tokens is done by upn being the email address
- Succeptable to insecure direct object references