Split Jwt/session authorisation out of auth classes

Summary

The current implementation of authentication and authorization in Hazaar MVC combines both functionalities into a single set of classes. To improve modularity and maintainability, there is a need to split the authentication and authorization functionalities into two distinct parts within Hazaar MVC.

Area of the system

The change will primarily impact the authentication and authorization modules of Hazaar MVC.

How does this currently work?

Currently, the authentication and authorization functionalities are tightly coupled within the existing classes. This coupling makes it difficult to modify or extend either functionality independently.

What is the desired way of working?

The desired change involves separating the authentication and authorization functionalities into separate classes/modules. The authentication module will focus solely on user authentication, including login, logout, and user session management. The authorization module will handle the access control and permission-based functionalities, determining what resources or actions a user is allowed to access.

Priority/Severity

• High (This change will bring a significant improvement in maintainability, flexibility, and future extensibility)
• Medium (This change will enhance modularity and ease of development for authentication and authorization)
• Low (This change represents minor improvements or adjustments)