Introduction:
This document describes the design approach for securing of switching of Managed User’s account
Background:
Jira Issue: https://project-sunbird.atlassian.net/browse/SH-95
Epic: https://project-sunbird.atlassian.net/browse/SH-67
Presently user can be switched to managed user’s profile and managed-user can consume application as a normal user.
Problem Statement:
Currently switch of user is not secured
Existing workflow:
User login in to his account and starts using application.
Parent’s token is used for managed-user actions.
Change request:
For managed Users’s an extra MUT should be send in API’s.
Below is current data stored in session
Solution 1:
user/search API to be intercepted at portal backend.
A. portal backedn to save token into current user’s session.
B. Only user related information is send to front end.User initiated switch.
A.Portal backed maps the saved data of switched user.
B.Deletes other user dataSave JWT token in session for furthur use
Add headers for all required API and send token
Pros:
Not exposing MUT.
Cons:
Storing large redundant data in session.
Solution 2:
Pros:
Token not being exposed in frontend.
Session data does not have redundant data
Cons:
Extra API call to LMS service (user/search)
Solution 3 :
Pros:
Only MUT stored in session.
Verification of request before switching of user addes extra security to existing swtich user flow.
Cons:
Exposing MUT token into front. Any one can see it and intercepts it and use it furthur.
Solution 4 :
User Read API can be modified to send user token.