add authorization

[Arfey]

https://aiohttp-security.readthedocs.io/en/latest/

• add login page
• add view for login
• add command for create a new user (make create_user)

user info - postgres
session data - redis

[everonegraham]

Hey there Arfey, I will look into this over the weekend.

[Arfey]

good luck 👍 if u'll have any questions feel free to ask. Also, i recommend u to do this task step by step and push small changes to review

[everonegraham]

Hey there Arfey, had to be off for this for a good while. And starting to get back on it. Is the login page suppose to be the first page seen when running the app?

[Arfey]

Hi. In my opinion, login page should not be as start page, because u can get index page without authz. Also when u run create-aio-app and after that make run u open login page but u don't have a user for login.

[everonegraham]

True, I got the login is page ready. Just the page right now. No auth or postgres related data. Will be working on the auth side thru the week after work.

[amartya-dev]

@sanyen are you still working on this?

[everonegraham]

Yes, on hold for personal reasons. Will be resuming this weekend.

[everonegraham]

@amartya-dev feel free to take this over. Think I've bitten off a bit more than I can handle right now.

[amartya-dev]

Ok, I think my approach would be this:

• Create a custom column for user password using SqlAlchemy's Varchar and func
• Add a method to hash and match password strings possibly with a generated key and cryptography library
• Add a method to create a user by setting the password using the create_user method I talked about in the previous point.
• Add a login and register view
• Add corresponding routes

Also, I would request the maintainers to include this in hacktoberfest