brennie got a fish trophy!
Generate unique tokens for session API
Review Request #9999 — Created June 6, 2018 and submitted — Latest diff uploaded
The
/sessionAPI now generates a unique, randomly-generated token
instead of returning the user's credentials in the HTTP Basic Auth
format (i.e., base64-encodedusername:password).Since these tokens are randomly generated instead of deterministic, we
store them in a JSON-encoded (for simplicity of
marshalling/unmarshalling) file whose location is specified in
config.json.
Ran
go fmt ./....
Rango test ./....Created a new session and stopped the server. Observed token in
tokens.datfile.Restarted server and authenticated to protected endpoint with token; was granted access.
Diff Revision 2
This is not the most recent revision of the diff. The latest diff is revision 3. See what's changed.
| .gitignore |
|---|
| main.go |
|---|
| sample_config.json |
|---|
| api/api.go |
|---|
| api/routes_test.go |
|---|
| api/tokens/file_store.go |
|---|
| api/tokens/memory_store.go |
|---|
| api/tokens/tokens.go |
|---|
| api/tokens/tokens_test.go |
|---|
| config/config.go |
|---|
| config/config_test.go |
|---|
| helpers/config_helpers.go |
|---|
| repositories/git.go |
|---|