Skip to content
This repository has been archived by the owner on Oct 10, 2024. It is now read-only.

Token authentification #12

Open
remisarrailh opened this issue May 11, 2017 · 0 comments
Open

Token authentification #12

remisarrailh opened this issue May 11, 2017 · 0 comments

Comments

@remisarrailh
Copy link
Contributor

remisarrailh commented May 11, 2017
edited
Loading

Instead of using a password, the client should mostly use temporary token.
Password will only be used to provided a token to the client.

Token are stored with an expiration date (and ip) into variables.

Token are erased when

  • Client asked to be disconnected
  • It expires
  • The device is unplugged / system restart (a persistant mode could be useful)

Example:

First authentication

  • Websocket ask for password
  • Client answer with password
  • Websocket send token
  • Client save token in localStorage (for a given time)

Second authentication

  • Websocket ask for password
  • Client respond with token
  • Websocket check Token association
  • Client logged in automatically.

Disconnection

  • Client click on disconnect
  • Client erase token from localStorage.
  • Client send websocket a clear token commands
  • Websocket reset token.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@remisarrailh