Implementation of JWT Authentication and Authorization Policies for Publishers

Currently, books can be created, updated, or deleted without any authentication or authorization. This should be changed so that only authenticated publishers can manage their own books. Additionally, a Super Admin (User ID 0) should have the ability to manage all books.

### Requirements

* Implement JWT authentication
* Use Bearer Tokens for publisher identification
* Publishers can only create, update, and delete their own books
* Super Admin (User ID 0) can manage all books
* Unauthenticated users cannot perform any of the mentioned actions
* Implement Policies to check permissions
* Implement Unit and Feature Tests to ensure functionality and security

### Acceptance Criteria

- [ ] Authentication
- [ ] Authorization for Publishers
- [ ] Super Admin Privileges
- [ ] Security
- [ ] Testing

### Additional Information

**Affected Endpoints:**
* `POST /books`
* `PUT /books/{id}`
* `DELETE /books/{id}`

**Technologies:**
* JWT (JSON Web Token)
* Bearer Authentication
* Policies / FilterScopes

### Resources

* [JWT.io](https://jwt.io/) for token validation
* Laravel documentation for [authentication](https://laravel.com/docs/11.x/authentication) & [authorization](https://laravel.com/docs/11.x/authorization) implementation

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Implementation of JWT Authentication and Authorization Policies for Publishers #6

Requirements

Acceptance Criteria

Additional Information

Resources

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Implementation of JWT Authentication and Authorization Policies for Publishers #6

Description

Requirements

Acceptance Criteria

Additional Information

Resources

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions