Basic auth POC using hapi yar and a client-side reverse-proxy
- User visits the site for the first time with no cookie: generate a token payload, encrypt it, then store it in an HttpOnly cookie
- User visits the site with an expired cookie: generate a new token payload, encrypt it, then store it in an HttpOnly cookie
- User visits the site with a token that fails the TOKEN_FRESHNESS threshold but has not expired: proactively re-auth the user
- User visits the site with a token that fails the TOKEN_FRESHNESS threshold and is expired: generate a new token payload, encrypt it, then store it in an HttpOnly cookie
- Add SSL support
- Restrict by domain name
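
The four cookie cases in the list above, as an added example that is not part of this POC's code. It assumes Node's built-in AES-256-GCM in place of whatever encryption the POC uses and reads TOKEN_FRESHNESS as a maximum age since issue. `TOKEN_TTL`, the `sid` cookie name and all function names are hypothetical.

```javascript
// Added example: every name except TOKEN_FRESHNESS is hypothetical.
const crypto = require('node:crypto');

const TOKEN_FRESHNESS = 5 * 60 * 1000; // assumed meaning: re-auth once older than 5 min
const TOKEN_TTL = 30 * 60 * 1000;      // assumed hard expiry: 30 min after issue
const KEY = crypto.randomBytes(32);    // constructed key; a real service loads a stored secret

// Encrypt the payload with AES-256-GCM; output is iv.tag.ciphertext in base64url.
function seal(payload, key = KEY) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(JSON.stringify(payload), 'utf8'), c.final()]);
  return [iv, c.getAuthTag(), ct].map((b) => b.toString('base64url')).join('.');
}

// Returns the payload, or null when the cookie is malformed, tampered with or wrong-keyed.
function unseal(cookie, key = KEY) {
  try {
    const [iv, tag, ct] = String(cookie).split('.').map((p) => Buffer.from(p, 'base64url'));
    const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
    d.setAuthTag(tag);
    return JSON.parse(Buffer.concat([d.update(ct), d.final()]).toString('utf8'));
  } catch {
    return null;
  }
}

function newToken(now) {
  return { id: crypto.randomUUID(), iat: now, exp: now + TOKEN_TTL };
}

// Maps an incoming cookie value to one of the cases in the list.
function handleVisit(cookie, now = Date.now()) {
  const t = cookie ? unseal(cookie) : null;
  const valid = t && typeof t.iat === 'number' && typeof t.exp === 'number';
  if (!valid || now >= t.exp) {
    return { action: 'issue', cookie: seal(newToken(now)) }; // no cookie, bad cookie, expired
  }
  if (now - t.iat > TOKEN_FRESHNESS) {
    // Stale but unexpired: keep the identity, restart both clocks (assumed re-auth behaviour).
    return { action: 'reauth', cookie: seal({ ...t, iat: now, exp: now + TOKEN_TTL }) };
  }
  return { action: 'accept', cookie };
}

// HttpOnly hides the cookie from page scripts; Secure requires HTTPS to be in place.
function cookieHeader(value) {
  return `sid=${value}; HttpOnly; Secure; SameSite=Lax; Path=/`;
}
```

A token that is both stale and expired takes the `issue` branch, because expiry is checked before freshness.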