1
00:00:00,180 --> 00:00:05,640
In this video, we're going to discuss the application which we're going to build throughout

2
00:00:05,640 --> 00:00:06,250
this course.

3
00:00:06,270 --> 00:00:12,000
So this is the UI of that application and right now it just has only UI and there is no security

4
00:00:12,000 --> 00:00:13,440
implemented and everything.

5
00:00:13,440 --> 00:00:14,690
All the data is hardcoded.

6
00:00:14,850 --> 00:00:20,010
There is no backend associated and there is no database associated right now for this application.

7
00:00:20,040 --> 00:00:25,710
Don't worry if you're not comfortable about the UI, the reason being that this application has been

8
00:00:25,710 --> 00:00:27,170
developed using Angular.

9
00:00:27,180 --> 00:00:28,860
I'll be also sharing this

10
00:00:28,860 --> 00:00:35,700
UI code through a GitHub link; you can always download from there and only concentrate on the backend

11
00:00:35,700 --> 00:00:38,100
security code that we are going to build toward this.

12
00:00:38,730 --> 00:00:44,790
This is an application related to a bank, and the reason why we choose the banking domain is

13
00:00:44,790 --> 00:00:48,810
that security is most important for any banking application.

14
00:00:48,870 --> 00:00:54,630
So if you see, the very first landing page that the customer of a bank will be shown is a login page.

15
00:00:54,660 --> 00:01:02,400
Once the user enters the email and password associated with his or her account, we should authenticate

16
00:01:02,400 --> 00:01:07,130
and authorize the user using a backend service leveraging the Spring Security framework.

17
00:01:07,140 --> 00:01:15,330
Once the user is logged in and authorized, we should show the user dashboard where he has various sections

18
00:01:15,330 --> 00:01:20,280
about his account details and balance associated with his account.

19
00:01:20,290 --> 00:01:27,690
What the transactions that he has performed in the past few days, loans associated and cards that he

20
00:01:27,690 --> 00:01:29,760
has associated with that bank.

21
00:01:29,790 --> 00:01:35,850
So all these four sections like account, balance, loans, cards have to be secured because these are the REST

22
00:01:35,850 --> 00:01:43,020
services or any backend services which the UI will call by passing on the authentication details

23
00:01:43,020 --> 00:01:43,230
too.

24
00:01:43,240 --> 00:01:49,890
We should make sure all these four services have to be secured at any point of time and the user should

25
00:01:49,890 --> 00:01:55,170
be able to access this dashboard page only once he authorizes and authenticates himself.

26
00:01:55,380 --> 00:02:03,030
And at the same time, we have free form of pages like Contact Us which the bank wants anyone to access

27
00:02:03,030 --> 00:02:03,200
this.

28
00:02:03,510 --> 00:02:09,330
There is no security restriction on this because obviously in a case where a non-customer of the bank

29
00:02:09,330 --> 00:02:15,910
or any public person wants to contact the bank, this page will allow them without entering their credentials.

30
00:02:15,930 --> 00:02:18,420
That's where we have to make sure we build a backend

31
00:02:18,420 --> 00:02:23,940
service accepting the request from this page without any security details associated with it.

32
00:02:24,000 --> 00:02:30,330
And at the same time, we have a notices page where the bank regularly publishes about their important

33
00:02:30,330 --> 00:02:33,090
announcements to their customers, public, everyone.

34
00:02:33,120 --> 00:02:38,040
So that's where obviously this page also has to be free from any kind of security.

35
00:02:38,250 --> 00:02:40,800
And all these notices have to come from a bank.

36
00:02:40,800 --> 00:02:48,300
And so we also build the notices service, which doesn't require any security and anyone can access.

37
00:02:48,330 --> 00:02:52,950
So on a high level, I'm assuming you understand there is a login page and Contact Us

38
00:02:52,950 --> 00:02:57,870
and notices page which anyone can access without entering their credentials.

39
00:02:58,120 --> 00:03:04,650
At the same time, once the user is logged in, we should be able to navigate to the dashboard where he

40
00:03:04,690 --> 00:03:12,150
or she can again call more services associated to the account, balance, loans, cards, and once the user

41
00:03:12,150 --> 00:03:14,230
wants to click logout,

42
00:03:14,250 --> 00:03:19,720
he can always press this logout link and go back to the login page.

43
00:03:19,980 --> 00:03:22,350
This is what we are going to build on a high level.

44
00:03:22,630 --> 00:03:28,200
And if you see, there is no security associated with it. We will focus right now in the coming videos

45
00:03:28,200 --> 00:03:33,990
on the backend, how to build up the services associated for all these features, how to protect a few

46
00:03:33,990 --> 00:03:40,440
of them and how to make them available for anyone. We will do all such configurations on the backend.

47
00:03:40,440 --> 00:03:47,010
So for now, take this as an input, as a requirement for a project that we are going to build. We'll come to the

48
00:03:47,190 --> 00:03:47,390
web

49
00:03:47,440 --> 00:03:53,070
part again, once we build all the backend required for this. I hope that makes sense to you.

50
00:03:53,100 --> 00:03:53,490
Thank you.

51
00:03:53,580 --> 00:03:55,440
And catch you in the next video. Bye.