brennie got a fish trophy!
Generate unique tokens for session API
Review Request #9999 — Created June 6, 2018 and submitted
The
/session
API now generates a unique, randomly-generated token
instead of returning the user's credentials in the HTTP Basic Auth
format (i.e., base64-encodedusername:password
).Since these tokens are randomly generated instead of deterministic, we
store them in a JSON-encoded (for simplicity of
marshalling/unmarshalling) file whose location is specified in
config.json
.
Ran
go fmt ./...
.
Rango test ./...
.Created a new session and stopped the server. Observed token in
tokens.dat
file.Restarted server and authenticated to protected endpoint with token; was granted access.
Change Summary:
Rebase of /r/10006/
Depends On: |
|
||||
---|---|---|---|---|---|
Commit: |
|
||||
Diff: |
Revision 2 (+448 -59) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
Change Summary:
Rebase
Commit: |
|
||||
---|---|---|---|---|---|
Diff: |
Revision 3 (+435 -55) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.