[jira] [Updated] (FINERACT-2641) Implement Authentication Feature

Sat, 13 Jun 2026 17:33:11 -0700 


     [ 
https://issues.apache.org/jira/browse/FINERACT-2641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Edward Kang updated FINERACT-2641:
----------------------------------
    Description: 
Now that registration is implemented, we need to implement authentication.

The goal is go beyond basic auth and implement the beginnings of a modern 
consumer frontend login/auth process with security in mind.

Items to be implemented:

1) Login returns an auth JWT to keep user logged in with refresh token for 
longer term accessibility

2) 2FA login with an OTP

3) Device Fingerprinting 

4) ES256 for JWT generation to prevent JWT spoofing and to reuse for open 
banking later

5) Bcrypt hashed passwords

 

https://github.com/apache/fineract-consumer-facing/pull/16

  was:
Now that registration is implemented, we need to implement authentication.

The goal is go beyond basic auth and implement the beginnings of a modern 
consumer frontend login/auth process with security in mind.

Items to be implemented:

1) Login returns an auth JWT to keep user logged in with refresh token for 
longer term accessibility

2) 2FA login with an OTP

3) Device Fingerprinting 

4) ES256 for JWT generation to prevent JWT spoofing and to reuse for open 
banking later

5) Bcrypt hashed passwords


> Implement Authentication Feature
> --------------------------------
>
>                 Key: FINERACT-2641
>                 URL: https://issues.apache.org/jira/browse/FINERACT-2641
>             Project: Apache Fineract
>          Issue Type: Sub-task
>            Reporter: Edward Kang
>            Assignee: Edward Kang
>            Priority: Major
>
> Now that registration is implemented, we need to implement authentication.
> The goal is go beyond basic auth and implement the beginnings of a modern 
> consumer frontend login/auth process with security in mind.
> Items to be implemented:
> 1) Login returns an auth JWT to keep user logged in with refresh token for 
> longer term accessibility
> 2) 2FA login with an OTP
> 3) Device Fingerprinting 
> 4) ES256 for JWT generation to prevent JWT spoofing and to reuse for open 
> banking later
> 5) Bcrypt hashed passwords
>  
> https://github.com/apache/fineract-consumer-facing/pull/16



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to