
v0.2.0 – Authentication & User Management

Released: 2025-06-15

With the foundation in place, v0.2.0 focused on securing the application and building its concept of "identity." This release is defined by its robust authentication system and the architecture for multi-lodge support.

Secure by Default: JWT & Refresh Tokens

We implemented a modern, secure token-based authentication system. When a user logs in, they are issued two separate tokens:

Access Token: A short-lived JSON Web Token (JWT) that grants access to the API for a short period (e.g., 15 minutes). This is sent with every API request.

Refresh Token: A long-lived, secure token that is stored in our refresh_tokens database table. Its sole purpose is to securely request a new access token when the old one expires.

This two-token system is a best practice that significantly enhances security. Even if an access token is intercepted, it becomes useless very quickly. The long-lived refresh token is only ever sent to a secure, dedicated endpoint, and our system also includes Refresh Token Rotation: each time a refresh token is used, a new one is issued and the old one is invalidated.
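A minimal sketch of the rotation step described above, added here as an illustration and not taken from the Masonic Slate code base. The column names, the 30-day lifetime, the SHA-256 hashing of stored tokens and the function names are all assumptions; only the refresh_tokens table name comes from the release notes.

```python
import hashlib
import secrets
import sqlite3
import time

REFRESH_TTL = 30 * 24 * 3600  # assumed lifetime; the page gives no figure


def open_db():
    db = sqlite3.connect(":memory:")
    # Assumed columns; the page names only the refresh_tokens table.
    db.execute(
        "CREATE TABLE refresh_tokens ("
        " token_hash TEXT PRIMARY KEY, user_id INTEGER NOT NULL,"
        " expires_at REAL NOT NULL, used INTEGER NOT NULL DEFAULT 0)"
    )
    return db


def _digest(token):
    # Store only a hash so a database leak does not yield usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()


def issue(db, user_id, now=None):
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    db.execute(
        "INSERT INTO refresh_tokens (token_hash, user_id, expires_at) VALUES (?, ?, ?)",
        (_digest(token), user_id, now + REFRESH_TTL),
    )
    return token


def rotate(db, presented, now=None):
    """Return (user_id, new_token), or None if the token is unknown, used or expired."""
    now = time.time() if now is None else now
    # One conditional UPDATE: only one of two concurrent requests can claim the token.
    cur = db.execute(
        "UPDATE refresh_tokens SET used = 1"
        " WHERE token_hash = ? AND used = 0 AND expires_at > ?",
        (_digest(presented), now),
    )
    if cur.rowcount != 1:
        return None
    (user_id,) = db.execute(
        "SELECT user_id FROM refresh_tokens WHERE token_hash = ?",
        (_digest(presented),),
    ).fetchone()
    return user_id, issue(db, user_id, now)
```

A refresh endpoint would call rotate() once per request, return the new refresh token together with a fresh access token, and answer 401 when it returns None.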

Passwords and Roles

User passwords are never stored in plain text. We use the industry-standard bcrypt algorithm to hash and salt every user's password, ensuring that even in the event of a database breach, user credentials remain secure.

This release also established the foundation of our Role-Based Access Control (RBAC). The users table now includes an is_admin boolean flag, which is used by our API middleware to protect critical routes (like creating events or making another user an admin) from being accessed by unauthorized users.

Multi-Lodge Architecture

Finally, v0.2.0 was designed for a multi-tenant, multi-lodge environment. The database schema now includes lodges and memberships tables. A user does not "belong" to the system; they are a member of one or more lodges. This many-to-many relationship is the key that allows Masonic Slate to scale from a single lodge to an entire Grand Lodge jurisdiction.
