Alles Session Server
Archie 7882c75e15 PATCH /tokens returns session and scope 1 week ago
api PATCH /tokens returns session and scope 1 week ago
db Create Session endpoint 1 month ago
.env.example First Commit 1 month ago
.gitignore First Commit 1 month ago
Dockerfile First Commit 1 month ago
LICENSE First Commit 1 month ago
README.md PATCH /tokens returns session and scope 1 week ago
docker-compose-example.yml First Commit 1 month ago
index.js Updated format of delete session endpoint 1 month ago
package.json Removed CORS 1 month ago
random.js Create Session endpoint 1 month ago
yarn.lock Removed CORS 1 month ago

README.md

Sessions

This is the service that handles Alles Sessions.

There are two types of tokens: Token-A and Token-B. A Token-A is a temporary, single-use token for redirect URLs that expires after a minute; it should immediately be converted to a Token-B by making a PATCH request to /tokens. The Token-B can then be used indefinitely as the token for the session and stored in a cookie or similar.

A session should be created when the user signs in, and a single token will be created for it. Every service the user accesses should have its own token and specify the scope. When the session is deleted, all tokens become invalid.

Endpoints

  • GET /sessions - Get a user's 20 most recent sessions (QUERY: user)
  • DELETE /sessions/:id - Delete a session and its tokens
  • POST /sessions - Create a session (BODY: user, userAgent, address)
  • POST /tokens - Create an A token for a session (BODY: session, scope)
  • PATCH /tokens - Transform an A token into a B token (BODY: token)
  • GET /tokens - Get data from B token (QUERY: token)
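
The token lifecycle described above (single-use Token-A with a one-minute lifetime, exchange for a Token-B, invalidation when the session is deleted), modelled in memory as an added example that is not the project's own code. The class and method names, the 32-byte random token values and the returned object shapes are assumptions.

```javascript
// Added example: in-memory model of the README's Token-A / Token-B lifecycle.
// SessionStore, TOKEN_A_TTL_MS and all method names are hypothetical.
const { randomBytes } = require("crypto");

const TOKEN_A_TTL_MS = 60 * 1000; // README: a Token-A expires after a minute

class SessionStore {
  constructor(now = () => Date.now()) {
    this.now = now;            // injectable clock so expiry can be exercised
    this.sessions = new Map(); // session id -> { user }
    this.tokens = new Map();   // token value -> { type, session, scope, created }
  }
  newValue() { return randomBytes(32).toString("hex"); } // unguessable value

  createSession(user) {                      // models POST /sessions
    const id = this.newValue();
    this.sessions.set(id, { user });
    return id;
  }
  createTokenA(session, scope) {             // models POST /tokens
    if (!this.sessions.has(session)) throw new Error("unknown session");
    const value = this.newValue();
    this.tokens.set(value, { type: "A", session, scope, created: this.now() });
    return value;
  }
  exchange(tokenA) {                         // models PATCH /tokens
    const rec = this.tokens.get(tokenA);
    if (!rec || rec.type !== "A") return null;
    this.tokens.delete(tokenA);              // consume before any other check: single use
    if (this.now() - rec.created > TOKEN_A_TTL_MS) return null; // expired
    if (!this.sessions.has(rec.session)) return null;           // session deleted
    const token = this.newValue();
    this.tokens.set(token, { type: "B", session: rec.session, scope: rec.scope, created: this.now() });
    return { token, session: rec.session, scope: rec.scope };
  }
  lookup(tokenB) {                           // models GET /tokens
    const rec = this.tokens.get(tokenB);
    if (!rec || rec.type !== "B" || !this.sessions.has(rec.session)) return null;
    return { session: rec.session, scope: rec.scope };
  }
  deleteSession(id) {                        // models DELETE /sessions/:id
    this.sessions.delete(id);
    for (const [value, rec] of this.tokens) {
      if (rec.session === id) this.tokens.delete(value); // all tokens become invalid
    }
  }
}
```

Deleting the Token-A record before the expiry check means a replayed or expired Token-A can never be retried, and a Token-A presented to `lookup` is rejected because only type B records are accepted there.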