The last few days have been very productive. I have written demo endpoint which is able to return information whether a user should be logged in or not. In this application, I used the tool I met on the last Polish Java User Group meetup – Bootique. I’m going to describe it in the first part of this article. In the second, I’ll show you changes I made in the proxy application. There are a lot of new features.
Yesterday I realized that I write more about refactoring than implementation. To stay consistent today’s post is about…refactoring. Well, maybe not only about it, but mainly. In the previous week I finished following tasks:
- [F-4] Handling request result (response code, message)
- [F-8] Encapsulate logic from aksesi-gesture.js into a class
- [F-9] Secure initialization
- [P-1] Forwarding requests to an authentication endpoint
Today’s post is a brief summary what has changed in recent days. Especially, at the weekend. As I explained in the previous post, I changed my workflow. Now I’m working in the task-oriented flow, with branching system on the GIT. Not only can you follow it with the Github repository but also with the Trello board.
When I came up with an idea of Aksesi project, I started to think about its security. First thought was that it will be as safe as HTTP(s) protocol is. Realizing it, I stopped any considerations. Three weeks later I realized that this solution will be very safe or, at least, safer than ordinary password usage.
In this post, I’m going to cover a few reasons why Aksesi will be safer than classic authentication which bases only on passwords consisting of characters.
At the last Friday’s afternoon, when I was doing housework, I came up with an idea about Aksesi’s development direction. It just appeared in my mind. Before I started this project I had only known that it will be an application that will allow to authenticate a user with gestures usage. After some time, I decided to support also characters and then I realized that it would be nice to have back-end service that will perform all computations.
In this post, I’m describing my idea with the majority of adopted conventions. I want to mention that this idea will probably change many times.