Create an auth system that is as portable as possible, SQLite backed, checks for the user, and creates secure tokens

status

done

type

task

description

Create secure tokens. The token data itself consists of:

{ "token-id": , "token-created-at": EPOCH SECONDS, "token-expires-at": , "user-id": , "user-email": "jjbigorra@gmail.com", "user-name": "Joe" }

On every call we need to hit the DB and decrypt, which means a bit of a performance hit, so we can cache this for 5 minutes, for example. Once logged in, you get a token, which you then use for every call. We cache auth OKs for 5 minutes; we do not cache auth errors. After 5 minutes we hit the DB again to check for permission. This is separate from the token expiry time: only when current-timestamp > token-expiry do we log you out, and you need to log in again.

To encode, we take the token data (in Lisp/Scheme), serialize it to JSON, minify it, base64 encode it, reverse it, encrypt it with some cipher (use openssl?), and base64 encode it.

To decode, we base64 decode it, decrypt it (use openssl?), reverse it, base64 decode it, and parse the JSON.
human id

uberprojekt-248

priority

200

id

27fb7873-6f10-428a-a39f-75e9792ef091
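
The caching rule from the description (cache auth OKs for 5 minutes, never cache auth errors, enforce token expiry separately), as an added Python example that is not the project's own Lisp/Scheme code. The tokens table with its token_id, user_id and revoked columns, the AuthChecker class and the demo values are assumptions made for illustration; the token is taken as already decoded.

```python
import sqlite3
import time

CACHE_TTL = 300  # seconds: the 5-minute window from the description

class AuthChecker:
    """Checks decoded token data against SQLite, caching only successes."""

    def __init__(self, db, clock=time.time):
        self.db = db
        self.clock = clock
        self.ok_until = {}  # token-id -> time until which a cached OK is trusted
        self.db_hits = 0    # counter so the caching behaviour is observable

    def _db_allows(self, token):
        self.db_hits += 1
        row = self.db.execute(
            "SELECT 1 FROM tokens WHERE token_id = ? AND user_id = ? AND revoked = 0",
            (token["token-id"], token["user-id"]),
        ).fetchone()
        return row is not None

    def check(self, token):
        now = self.clock()
        # Token expiry is separate from the cache: an expired token is
        # rejected even while an OK for it is still cached.
        if now > token["token-expires-at"]:
            self.ok_until.pop(token["token-id"], None)
            return False
        if self.ok_until.get(token["token-id"], 0) > now:
            return True
        if self._db_allows(token):
            self.ok_until[token["token-id"]] = now + CACHE_TTL
            return True
        return False  # auth errors are never cached

def demo():
    """Constructed scenario: revoke a token while its OK is still cached."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tokens (token_id TEXT, user_id INTEGER, revoked INTEGER)")
    db.execute("INSERT INTO tokens VALUES ('t1', 1, 0)")
    now = [1000]
    auth = AuthChecker(db, clock=lambda: now[0])
    token = {"token-id": "t1", "user-id": 1, "token-expires-at": 5000}
    results = [auth.check(token), auth.check(token)]  # DB hit, then cache hit
    db.execute("UPDATE tokens SET revoked = 1 WHERE token_id = 't1'")
    now[0] = 1299; results.append(auth.check(token))  # stale cached OK
    now[0] = 1301; results.append(auth.check(token))  # cache lapsed, DB denies
    results.append(auth.check(token))                 # denial not cached: DB again
    return results, auth.db_hits
```

demo() returns ([True, True, True, False, False], 3). The third True is a token already revoked in the DB but still accepted from cache, so with this design a revocation can take up to the cache window to apply.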