Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: user registration - encrypting credentials #38

Closed
hn275 opened this issue Apr 11, 2023 · 1 comment
Closed

fix: user registration - encrypting credentials #38

hn275 opened this issue Apr 11, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@hn275
Copy link

hn275 commented Apr 11, 2023
edited
Loading

at endpoint /users/, server now expects a jwt of user credentials, here's the request body:

{
    "credentials": "<jwt-encoded-string>"
}

the secret you need is in .env (JWT_SECRET entry) in server repo, refer to PR #47 (though this is probably subjected to change for release.)

Here's an example of the claim:

{
  "iat": 1516239022,
  "exp": 3526239022,
  "credentials": {
    "username": "foo",
    "school_id": "UVIC",
    "faculty": "computer_science",
    "year_of_study": "two",
    "password": "bar",
    "email": "[email protected]"
  }
}
  • Set the exp props of your choice.
  • This a proof of concept. There might be more claim fields to be included in the future (iss, aud for starter.)

This is the corresponding jwt, for testing purposes:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6MzUyNjIzOTAyMiwiY3JlZGVudGlhbHMiOnsidXNlcm5hbWUiOiJmb28iLCJzY2hvb2xfaWQiOiJVVklDIiwiZmFjdWx0eSI6ImNvbXB1dGVyX3NjaWVuY2UiLCJ5ZWFyX29mX3N0dWR5IjoidHdvIiwicGFzc3dvcmQiOiJiYXIiLCJlbWFpbCI6ImZvb0BiYXIuY29tIn19.Aem7IGS4hpwi2rnXD8xnST4PK1rG6u8UN9vy0qQTYwk

https://jwt.io/ (leave the secret base64 encoded unchecked)
@hn275 hn275 added the enhancement New feature or request label Apr 11, 2023
@hn275 hn275 closed this as not planned Won't fix, can't repro, duplicate, stale Apr 12, 2023
@hn275
Copy link
Author

hn275 commented Apr 12, 2023

no longer using jwt in server

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hn275