Document the openssl dependency, the Proof-of-Knowledge authentication #88
Conversation
|
👋 Thanks for assigning @tnull as a reviewer! |
|
Fixes #77 |
rust/README.md
Outdated
|
|
||
| - Install Rust and Cargo (https://www.rust-lang.org/tools/install). | ||
| - Install PostgreSQL 15 (https://www.postgresql.org/download/) | ||
| - Install openssl (used for TLS connections to the postgres backend: https://docs.rs/openssl/latest/openssl/#automatic) |
There was a problem hiding this comment.
| - Install openssl (used for TLS connections to the postgres backend: https://docs.rs/openssl/latest/openssl/#automatic) | |
| - Install OpenSSL (used for TLS connections to the PostgreSQL backend: https://docs.rs/openssl/latest/openssl/#automatic) |
rust/README.md
Outdated
| environment variables as needed. Add PostgreSQL endpoint configuration. | ||
| 2. Create table in PostgreSQL using `./impls/src/postgres/sql/` | ||
| environment variables as needed. | ||
| 2. VSS will setup a Postgres database on first launch if it is not found. You can also manually create the database |
There was a problem hiding this comment.
| 2. VSS will setup a Postgres database on first launch if it is not found. You can also manually create the database | |
| 2. VSS will setup a PostgreSQL database on first launch if it is not found. You can also manually create the database |
README.md
Outdated
| without authentication for local testing or in trusted setups. The VSS-rust-client supports LNURL-auth & JWT based | ||
| authentication and authorization. Switching to simple HTTP header authentication is straightforward by adding another | ||
| implementation. Note that the security of authentication heavily relies on using HTTPS for all requests. | ||
| * **Authentication and Authorization**: Currently, the VSS-server supports authentication via Proof-of-Knowledge |
There was a problem hiding this comment.
Proof-of-Knowledge of what? Two-three more words might help here. Also maybe link to the new section below?
README.md
Outdated
| authentication and authorization. Switching to simple HTTP header authentication is straightforward by adding another | ||
| implementation. Note that the security of authentication heavily relies on using HTTPS for all requests. | ||
| * **Authentication and Authorization**: Currently, the VSS-server supports authentication via Proof-of-Knowledge | ||
| or [JWT](https://datatracker.ietf.org/doc/html/rfc7519). The API also offers hooks for simple HTTP header |
There was a problem hiding this comment.
| or [JWT](https://datatracker.ietf.org/doc/html/rfc7519). The API also offers hooks for simple HTTP header | |
| or [JWT](https://datatracker.ietf.org/doc/html/rfc7519). The API also offers hooks for simple HTTP header-based |
There was a problem hiding this comment.
If we describe these rust-only changes in the global README, maybe we should consider to remove the java version soonish? What's our current thinking around timeline for that?
There was a problem hiding this comment.
I pick two weeks from now February 6th as the date we delete the Java version how is that ?
There was a problem hiding this comment.
SGTM. We should probably also create a tag pre-deletion to make sure we can easily reference the code if we need it.
tankyleo
force-pushed
the
26-01-openssl-pok-create
branch
2 times, most recently
from
bc3161f to
5aa767d
Compare
Also document the automatic creation of the database if it does not exist.
tankyleo
force-pushed
the
26-01-openssl-pok-create
branch
from
5aa767d to
270753f
Compare
|
🔔 1st Reminder Hey @tnull! This PR has been waiting for your review. |
3 participants
Also document the automatic creation of the database if it does not exist.