LucidPlan
login
projects
ui mode
🔗 go to
bewaking
byggsteg
emacs-packages
ggg
hygguile
iter-vitae
jjba23-socials
jointhefreeworld
keuringsdienst
kracht
lucidplan
oculuslambda
orgwebalchemy
pingwing
pop-server
pop-test
supreme-sexp-system
uberprojekt
wikimusic
wolk-jjba
title
status
To-do
Work in Progress
In Review
Done
Rejected
type
Task
Bug
Story
Spike
Time Box
priority
description
Create secure tokens, token data itself consists of: { "token-id": <UUID>, "token-created-at": ~EPOCH SECONDS~, "token-expires-at": <EPOCH SECONDS>, "user-id": <UUID>, "user-email": "jjbigorra@gmail.com", "user-name": "Joe" } Every call made, we need to hit db and decrypt, which means a bit of performance hit, so we can cache this for 5 minutes for example, Once logged in, you get a token, you then use the token for every call, we cache auth oks for 5 minutes, we do not cache auth errs After 5 min we will hit db again to check for permission. This is separate from the token expiry time, which only when current-timestamp > token-expiry, then we need to log you out and you need to login again Then we take that token data (in Lisp/Scheme) and serialize it to JSON, minify, base64 encode it, reverse it, encrypt with some cypher (use openssl?), base64 encode it For decoding we base64 decode, decrypt it (use openssl?), reverse it, base64 decode it, and parse the JSON
submit