Commit

Updated README and file names
soumyaray committed May 28, 2017
1 parent 5b5d2c4 commit 319d7f7
Showing 6 changed files with 12 additions and 12 deletions.
12 changes: 6 additions & 6 deletions README.md
Expand Up @@ -8,13 +8,13 @@ Follow the activities below as the semester progresses.
## Weekly breakdown of the semester project:
- [A: Brainstorming and Setup](descriptions/005_brainstorm_setup.md)
- [B: Basic File Store API](descriptions/010_filestore_api.md)
- [C: Relational Databases and API Testing](descriptions/020_db_testing.md)
- [C: Relational Databases and Testing](descriptions/020_db_testing.md)
- [D: Database Hardening](descriptions/030_db_hardening.md)
- [E: Secure User Accounts](descriptions/040_secure_accounts.md)
- [F: Deployed API + Interface Client](descriptions/050_interface_client.md)
- [G: Token Based Authentication](descriptions/060_token_authentication.md)
- [H: Form Validation and SSL Enforcement](descriptions/070_validation_ssl.md)
- [I: Token Based Authorization](descriptions/080_token_authorization.md)
- [F: Client Interface and Sessions](descriptions/050_interface_sessions.md)
- [G: Secure Session and Registration](descriptions/055_secure_sessions.md)
- [H: Token Based Authorization](descriptions/060_token_authorization.md)
- [I: Policies and Validation](descriptions/070_policies_validation_ssl.md)
- [J: OAuth Protocol and Single-Table Inheritance](descriptions/090_oauth_protocol.md)
- [K: Signed Apps and XSS Prevention](descriptions/100_distributed_security.md)
- [K: Signed Clients and XSS Prevention](descriptions/100_distributed_security.md)
- [L: Final Presentations](descriptions/110_final_presentation.md)
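
Review bot: the "I: Policies and Validation" entry links to `descriptions/070_policies_validation_ssl.md`, but the file changed in this commit is listed as `descriptions/070_policies_validation.md`, so the README link will not resolve unless one of the two names is changed. Entry J also still reads "OAuth Protocol and Single-Table Inheritance" while the title in `090_oauth_protocol.md` drops that part, and the file numbering now jumps from 070 to 090; worth aligning in the same pass.
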
2 changes: 1 addition & 1 deletion descriptions/020_db_testing.md
@@ -1,4 +1,4 @@
## Database and Testing
## Relational Databases and Testing

We will start addressing some of the security issues we found by adding a database to our application and writing tests for it. You can refer to the [`1_db_testing` branch of the demo code we saw in class](https://github.com/ISS-Security/configshare-api/tree/1_db_testing).

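Review bot: the retitled heading here stays at level two (`##`), while the other description files touched in this commit use a level-one `#` title; switch this one to `# Relational Databases and Testing` so the pages render consistently.
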
@@ -1,4 +1,4 @@
# Interface and Sessions
# Client Interface and Sessions

This week are building up our interface as a web client application. We are interested in seeing if we can get users to login for now! Take a look at the latest code at:
- [Deployed API](https://github.com/ISS-Security/configshare-api/tree/4_authenticate_accounts)
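
Review bot: the unchanged intro line under the new title reads "This week are building up our interface", which is missing a word; since the file is being edited anyway, change it to "This week we are building up our interface".
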
2 changes: 1 addition & 1 deletion descriptions/055_secure_sessions.md
@@ -1,4 +1,4 @@
# Secure Sessions
# Secure Sessions and Registration

This week we will secure the storage of session state across our system and on the client machine.
See the latest version of our demo code:
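
Review bot: the title gains "and Registration", but the intro sentence below it still describes only securing the storage of session state; add a clause on registration so the description matches the heading and README entry G.
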
2 changes: 1 addition & 1 deletion descriptions/070_policies_validation.md
@@ -1,4 +1,4 @@
# Validated Form Input and Enforce SSL
# Policies and Validation

This week we will create centralized resource policies, and validate user input coming from web forms. See the latest version of our demo project:
- [Web API: auth_policy](https://github.com/ISS-Security/configshare-api/tree/6_auth_policy)
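
Review bot: the new title drops "Enforce SSL", yet README.md links this week as `070_policies_validation_ssl.md`. Decide whether SSL enforcement is still covered this week, then either mention it in the intro or drop `_ssl` from the README link so the title, file name and link agree.
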
4 changes: 2 additions & 2 deletions descriptions/090_oauth_protocol.md
@@ -1,4 +1,4 @@
# Single Sign-On Using OAuth an Single Table Inheritance
# Single Sign-On Using OAuth

This week we will implement single sign-on (SSO) to allow users to login using their Github credentials. But first, we must setup our database (API) to handle two types of accounts: regular accounts (Account) and SSO accounts (SSOaccount).

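Review bot: the title drops "Single Table Inheritance", but the intro line directly below still opens with setting up two account types, and README.md entry J keeps "OAuth Protocol and Single-Table Inheritance"; align the title, intro and README entry. The intro also writes the class as `SSOaccount`, while the task list later in this file uses `SsoAccount`; pick one spelling.
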
Expand Down Expand Up @@ -31,5 +31,5 @@ This week we will implement single sign-on (SSO) to allow users to login using t
- Choose from the options we saw in class of how to distribute these tasks between your App and your API
- ~~option 1: App handles everything and asks API to find/create Github account~~
- option 2: App completes authorization and sends access_token to API, API uses access_token to retrieve user data from Github
- option 3: API handles everything and returns Github account to App
- option 3: App starts process until callback, then hands code to API; API uses code to retrieve access_token and get user data
- Make sure at the end that your API stores a new `SsoAccount` if one does not exist for an SSO login
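
Review bot: in the reworded option 3, "hands code to API" should say which code is meant (the authorization code received at the callback), the way option 2 names `access_token` explicitly. Since this option moves the code-for-token exchange to the API, the bullet should also state that the API, not the App, then needs the OAuth client credentials for that exchange.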

0 comments on commit 319d7f7
