You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Recent merging of #1291 reminded me that this has not been done.
Currently we use this as a token and intended for it to expire, but as you can see from jmclient.wallet_rpc.JMWalletDaemon.check_cookie we are only checking the encoded secret and not decoding it.
I would appreciate it if someone researches (or already knows) the best way to use such JWT tokens could chime in and either PR or just explain the best way to use them for our use case. What we have now is extremely crude.
The text was updated successfully, but these errors were encountered:
Added help wanted because this is certainly something that someone, especially someone even moderately familiar with JWT or API authentication in general, could do, instead of me.
Recent merging of #1291 reminded me that this has not been done.
Currently we use this as a token and intended for it to expire, but as you can see from
jmclient.wallet_rpc.JMWalletDaemon.check_cookie
we are only checking the encoded secret and not decoding it.joinmarket-clientserver/jmclient/jmclient/wallet_rpc.py
Line 362 in 537d2ac
I would appreciate it if someone researches (or already knows) the best way to use such JWT tokens could chime in and either PR or just explain the best way to use them for our use case. What we have now is extremely crude.
The text was updated successfully, but these errors were encountered: