authd/TODO.md

23 lines
952 B
Markdown
Raw Normal View History

### Consistency in error management.
**Both exceptions and error reponses are used**.
A choice should be made between the two options.
A combinaison of both is fine as long as the logic is comprehensively documented.
**Response::Error** class is overused.
A simple error message is given instead of specific messages for each recurring error.
In the same time, some exceptions (such as **AdminAuthenticationException**) are used a few times for the same kind of errors.
**Authorization rules** should be clear and documented.
Currently, some operations are restricted to an admin, defined explicitely by the user *admin* boolean.
These operations could be delegated to simple users with some specific fine-grained authorizations.
### Structures, not classes
Maybe in some cases, it could be great to use structures instead of classes.
They are simpler, use less memory and computation.
### Documentation.
Documentation isn't started, yet. TODO!