New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Login framework overhaul #7

Open

9 tasks

XertroV opened this issue Sep 6, 2018 · 1 comment

Assignees

Labels

C-API C-UI P1 - ASAP R1 - Requirement

Milestone

v0.3 Voting mvp/t...

Member

XertroV commented Sep 6, 2018 •

edited

Loading

design + add typings for auth model
implement support for auth tokens in api-v1 and api
implement support for auth tokens in UI requests
log function calls against user + authtoken
API get my auth tokens summary
UI my auth tokens summary
patch api-v1 to send out auth tokens only via email
patch any static pages that ensure localstorage consistency (authtoken support)
live

XertroV added R1 - Requirement C-UI C-API P1 - ASAP labels

XertroV added this to the v0.3 Voting mvp/testing milestone

XertroV self-assigned this

Member Author

XertroV commented Sep 29, 2018

depends on #20

currently the plan is two-fold:
- add a new secToken2 method of auth - works basically like the original s parameter / auth but a bit more secure, supports multiple tokens, token expiry, etc
- add a new JWT + ed25519 based system of auth whereby a JWT is issued to authenticate an ec25519 pubkey, and that pubkey signs requests; both the JWT and the EC keypair expire as per the expiry of the JWT

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment