This repository was archived by the owner on Jan 25, 2026. It is now read-only.
This repository was archived by the owner on Jan 25, 2026. It is now read-only.
Make use of PASETO claims for finer grained control #3
The server just validates that the client's PASETO token is valid, but does not use the claims system at all.
Implement the claims system and allow, for example, for admin vs read access (e.g. for statistics). Later this might be use to generate new tokens from an admin command without requiring a client's access to the private key.