JWTs and Satellizer

[0xdevalias]

It would be super awesome if the auth side of bootzooka was using JWTs, and could support something like Satellizer as a drop in. The old cookie based auth method is a bit dated, and makes 'api first' applications outside of the browser annoyingly complicated.

Seems there was some talk on google groups about JWTs in relation to akka-http-session too.

For the backend part of JWTs:

• https://github.com/sahat/satellizer/wiki/Signup
• https://github.com/sahat/satellizer/wiki/Login-with-Email-and-Password
• https://github.com/sahat/satellizer/tree/master/examples/server/java
• JWT lib: Nimbus-Jose-JWT (Alt, Doc)

Working on implementing this myself currently, so if you want it, happy to share the bits (won't PR unless you really want though, as I will probably be ripping out the current session stuff from mine)

[0xdevalias]

Put together my version and thrown the code up as a gist if you're interested. Feel free to pick/choose/incorporate as much as you want: https://gist.github.com/alias1/316ee1a7cfc0bbe9ec8d

[adamw]

Thanks! I guess that would be best to add to akka-http-session, but definitely having some code ready will be useful :)

[colincgn]

Any further thoughts on this issue?