apidash/doc/proposals/2025/gsoc/Application_SunilSharma_api_authentication.md

About

1. Full Name: Sunil Kumar Sharma
2. Contact Info: sharma.sunil12527@gmail.com, +91 8979696414
3. Discord User ID: AZURE (502613458638995456)
4. GitHub Handle: https://github.com/Azur3-bit
5. Socials: https://www.linkedin.com/in/sunil-sharma-206871205/
6. Time Zone: GMT +5:30 (India)
7. Resume: https://drive.google.com/file/d/1B3ixbrlPwwCfFw8Lcq3LXvW3N5dWmviX/view?usp=sharing

University Info

1. University Name: SRM Institute of Science and Technology
2. Program: B.Tech in Computer Science & Engineering
3. Year: 4th (Final Year)
4. Expected Graduation Date: June 2025

Motivation & Past Experience

1. Have you worked on or contributed to a FOSS project before?
   Yes, I have actively contributed to open-source projects, including adding support for PHP, Rust, and Golang, improving UI elements, and enhancing test coverage for various repositories. Some of my notable contributions:

   • Added support for PHP, Rust, and Golang in an online compiler.
   • Improved UI/UX for an online coding platform.
   • Introduced a Python script for OpenAI key validation.
   • Link to relevant PR: https://github.com/kalviumcommunity/compilerd/pull/139
     While my PR was not merged, it was due to a shift in project priorities, and the maintainers appreciated my effort and provided constructive feedback, which helped me refine my contributions.

2. What is your one project/achievement that you are most proud of? Why?
   One of my proudest achievements is my project on Self-Optimizing and Intelligent Cloud Infrastructure. This system integrates AWS Predictive Auto-Scaling with CloudWatch monitoring and cost optimization techniques, reducing infrastructure costs by ₹766.82 per month. This project showcases my expertise in cloud computing, automation, and cost optimization while making real-world impact.

3. What kind of problems or challenges motivate you the most to solve them?
   I like working on problems that push me to improve efficiency, enhance security, and automate complex processes. Challenges in API authentication, cloud infrastructure, and scalable systems interest me the most because they require a balance of security, optimization, and real-world application.

4. Will you be working on GSoC full-time?
   Yes, I will be working full-time on my GSoC project.

5. Do you mind regularly syncing up with the project mentors?
   Not at all! Regular sync-ups will help ensure alignment with project goals and continuous improvement.

6. What interests you the most about API Dash?
   API Dash is a lightweight and efficient API testing tool that avoids the unnecessary complexity of other platforms. I like how it keeps things simple while integrating AI to make API testing more intuitive and developer-friendly.

7. Can you mention some areas where the project can be improved?

   • Authentication Mechanisms: Implementing Multi-Factor Authentication (MFA), including biometric authentication, will enhance security and improve user experience. Having worked on MFA in payment gateways, I can integrate fingerprint recognition to streamline authentication, reducing reliance on passwords while ensuring security. Secure storage will protect credentials, allowing seamless and fast authentication for valid users on both mobile and laptop platforms.

Project Proposal Information

Proposal Title: Enhancing API Authentication & Secure Storage in API Dash

Abstract

This project aims to implement secure storage for authentication tokens using Flutter Secure Storage and integrate biometric authentication for an added layer of security. The goal is to enhance security while keeping API Dash lightweight and user-friendly.

image : (doc/proposals/2025/gsoc/images/sunil Auth image.png)

Detailed Description

Feature	Description
Secure Token Storage	Implement Flutter Secure Storage to securely store authentication tokens in an encrypted format.
Biometric Authentication	Enable fingerprint unlock for accessing stored API credentials.
Improved UI for Authentication Management	Add an intuitive UI for managing saved authentication methods securely.
Multiple Authentication Methods	Ensure seamless support for Basic Auth, API Key, JWT, OAuth 1.0, OAuth 2.0, and Digest Authentication.
Efficient Request Handling	Ensure secure storage integration does not affect API request efficiency.

Weekly Timeline

Week	Tasks
Week 1	Study API Dash's authentication mechanisms and security vulnerabilities. Set up the development environment.
Week 2	Implement Flutter Secure Storage for encrypted token storage.
Week 3-5	Integrate Biometric Authentication for secure access to stored credentials. Improve UI for managing authentication credentials securely.
Week 6-9	Implement and test multiple authentication methods (Basic Auth, API Key, JWT, OAuth, Digest Auth) with secure storage. Ensure efficient API request handling with secure storage integration.
Week 10	Optimize performance and conduct security audits for token storage.
Week 11	Improve documentation for secure authentication management in API Dash.
Week 12	Conduct thorough testing, debugging, and security validation. Prepare the final report, demo, and submit the project.