GSoC 2021 with SCoRe Lab — Week 8

Nipuna Weerasekara
Published in SCoRe Lab
Jul 22, 2021

tl;dr: This is the ninth article of my journey into the Google Summer of Code 2021 with SCoRe Lab. Here I discuss week eight (12th of July to 18th of July) of my GSoC experience.

Evaluation week!!!

After weeks of designing, developing, and learning about developing, the evaluation week finally arrived. As I discussed in my previous blog, it was a little bit of a tight schedule, since I had to finish up my first evaluation milestones before the evaluation week came. So finally, I was able to finish up my targets before the deadline.

So to recap all of the things I developed before the evaluations, I had to develop API endpoints to support user registration, obtain the domain zones list, obtain the GCP zones list, check whether the provided email is a valid organization email, create scans, and update scans. In addition to these tasks, I created the documentation of the API endpoints using the OpenAPI v3 specification and Swagger UI. Since some of the API endpoints provide static outputs which can be easily cached, I integrated Flask-Caching into the Flask app in DNSTool-Middleware-API [API-GATEWAY]. In addition to these tasks, some of the features provided by the API are strictly for human interaction only. For features such as new user registration, we need to check if the requester is actually a human. For this situation, I integrated Google reCAPTCHA v3 to check whether the request in fact came from a human user, not from a bot 😁.

After the evaluation week, the coding starts again and we are in the endgame now. In the next phase, I have to develop the authentication mechanism for the user to download the required resources from Google Cloud Storage. My mentor and I had a discussion about the most suitable (and SECURE!) way to do the authentication for the user. At first, we were discussing creating separate user accounts for the users, but there was a slight hiccup,

From https://cloud.google.com/iam/docs/creating-managing-service-accounts

so much for that plan 😥. So we brainstormed our ideas on a suitable alternative method and we came to a conclusion on a superb idea. The following is the architecture of the user authentication flow.

User authentication flow to download resources from GCP Cloud Storage

So we decided to go with the flow 😎.

So in the coming weeks, I will be implementing this authentication workflow in the DNSTool-Middleware-API system. So until we meet again, happy coding. (Oh, one thing I forgot to mention, I passed the evaluations. YAY! 😁)


I am a web developer turned security researcher. Find me on niweera.com