Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a security directive for authentication #2

Open
myazinn opened this issue Mar 29, 2022 · 1 comment
Open

Add a security directive for authentication #2

myazinn opened this issue Mar 29, 2022 · 1 comment
Assignees
@AntonIOC777

Comments

@myazinn
Copy link
Contributor

myazinn commented Mar 29, 2022

rc-events module should contain a directive that extracts a token from a request header and parses it to a User. Note that for rc-events module a User is just an object that consists of email an id.
@AntonIOC777 AntonIOC777 self-assigned this Apr 1, 2022
@myazinn
Copy link
Contributor Author

myazinn commented May 11, 2022

The authorization token must be passed by a user in an Authorization header with Bearer prefix. Example:
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2Njc4Mjk3MDUsImlhdCI6MTY1MjI3NzcwNSwidXNlcklkIjoiNmVjYzQ2ZmItOTFiOS00YzBlLThhNmMtYjI0OGI4YTdhNWZhIiwiZW1haWwiOiJqb2huX2RvZUBlbWFpbC5jb20ifQ.Kpd_qU2EZsDOR4BzW0_c4Pc63sxzE68pMLVsHc6pjgU
This token must have two fields: userId and email, so we can create a custom domain user with these fields. You can use https://jwt.io resource to decipher JWT token and see which info is encoded into it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AntonIOC777 AntonIOC777

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@myazinn @AntonIOC777