Build a RESTful API - endpoints require role-based authorization with JWT gathered from Auth0 user
Third piece of coursework in the Udacity Full Stack Nanodegree: Identity and Authentication Management
The goal of the project was to build a simple API whose endpoints require a valid JWT containing the appropriate user permission. We were to use a single-page application set up in Auth0 to handle user login and the JWT creation and validation process.
Project tasks completed:
- Build RESTful API using Python, Flask & SQLAlchemy, containing GET, POST, PATCH and DELETE requests which respond to different permissions provided by the JWT.
- Set up a Single-Page Application in Auth0. Add Permissions, Roles and Users.
- Set up an authentication decorator method to get the auth header, check permissions and verify the JSON Web Token.
- Use Postman to create a collection of test cases for each API endpoint and appropriate error handlers.
- Deploy and test the Ionic frontend.
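
The authentication decorator task above (get the auth header, verify the token, check permissions), sketched as an added example that is not the project's own code. Assumptions: it verifies HS256 with a constructed shared secret so it runs offline, where an Auth0 setup would typically verify RS256 against the tenant's JWKS along with issuer and audience; it takes a plain headers dict in place of Flask's request; all function names and the `make_token` helper are hypothetical.

```python
import base64, hashlib, hmac, json, time
from functools import wraps

SECRET = b"constructed-demo-secret"  # assumption: shared HS256 key, demo only

class AuthError(Exception):
    """Raised as AuthError(http_status, error_code)."""

def _b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def _sign(signing_input):
    mac = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).rstrip(b"=")

def make_token(claims, alg="HS256"):  # constructed test token; Auth0 issues real ones
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    signing_input = enc({"alg": alg, "typ": "JWT"}) + "." + enc(claims)
    return signing_input + "." + _sign(signing_input).decode()

def get_token_auth_header(headers):
    parts = headers.get("Authorization", "").split()
    if len(parts) != 2 or parts[0].lower() != "bearer":
        raise AuthError(401, "invalid_header")
    return parts[1]

def verify_decode_jwt(token):
    try:
        signing_input, sig = token.rsplit(".", 1)
        head, body = signing_input.split(".")
        alg, payload = json.loads(_b64d(head)).get("alg"), json.loads(_b64d(body))
    except (ValueError, AttributeError):
        raise AuthError(401, "invalid_token")
    if alg != "HS256" or not hmac.compare_digest(sig.encode(), _sign(signing_input)):
        raise AuthError(401, "invalid_signature")  # alg must equal the pinned value
    if payload.get("exp", 0) <= time.time():
        raise AuthError(401, "token_expired")
    return payload

def requires_auth(permission):
    def decorator(f):
        @wraps(f)
        def wrapper(headers, *args, **kwargs):
            payload = verify_decode_jwt(get_token_auth_header(headers))
            if permission not in payload.get("permissions", []):
                raise AuthError(403, "forbidden")
            return f(payload, *args, **kwargs)
        return wrapper
    return decorator
```

A missing or malformed header, a bad signature, or an expired token maps to 401, while a valid token lacking the required permission maps to 403, which is the distinction the Postman test cases for each endpoint would exercise.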