Summary

As a user I should be able to view the homepage and hit a login button. This login button should be placed in an easy to see area of the screen and redirect me to the CAS login page. After entering my credentials I should be redirected back to the site where I am presented with a visual indication that I am signed in. This session should last for the entire time that the browser is open. I should be able to sign out to clear the session early which should then prevent me from visiting any "internal" pages.

Auth flow exists on an API level through !122 (merged) - !124 (merged)

This should be mostly a React type of thing, pinging the API for auth status and getting the token.

0. React renders the homepage, failing the token check => logged out
1. Hit login
2. Establish session auth
3. React re-renders the homepage, passing the token check => logged in

bonus: build an "internal" page that functions as a proof of concept for a page that will not render "internal" data without access to the token.

Helpful Links

• https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage
• https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch