Authentication #109
Authentication #109
Conversation
|
@sneridagh you already reviewed that pull request, right? Do we have an Angular 2 client implementation from the sprint already? |
|
@buchi do you have time to finish the docs in the next days? If not it would be great if you could provide us with a few basic examples so we can finish the docs (or maybe just point us to a few tests?). |
|
Will add the documentation asap, although I'm quite busy the next week because we (4teamwork) are moving to a new office. @sneridagh Currently there's no automatic cleanup of stored tokens. I think we don't need that very much, because I see mainly two use cases:
|
|
@buchi If you're busy next week I can write it down for you if you wish. |
|
@sneridagh I've added minimal documentation now but thanks anyway. Should be ready for merging now. |
|
Tested the described functionality according to the documentation, works like a charm 🎉 (tested login, renewal, invalidating stored tokens, error response when trying to invalidate non-stored token, error response when trying to invalidate tokens twice). |
| tokens are not persisted on the server and thus can not be invalidated. To enable | ||
| token invaldiation, activate the ``store_tokes`` option in the PAS plugin. If you | ||
| need tokens that are valid indefinitly you should also disalbe the use of Plone's |
There was a problem hiding this comment.
indefinitly -> indefinitely, disalbe -> disable
|
The renewal endpoint name in the pull request body should be updated from |
|
Fixed typos in documentation |
Provides a PAS plugin for JWT based authentication.
Provides endpoints
/@login,/@logoutand/@login-renew