Closed noahnu closed 7 years ago
Update: Just need to add the "handshake" to the client and a way to generate request tokens.
New Schema:
CREATE TABLE `device_request_tokens` (
`StoreID` INT(11) NOT NULL,
`RequestToken` VARCHAR(128) PRIMARY KEY,
`ExpiryDate` INT(11) NOT NULL,
FOREIGN KEY (`storeID`) REFERENCES stores(`id`)
ON UPDATE CASCADE
ON DELETE CASCADE
) ENGINE=InnoDB;
CREATE TABLE `device_authorization` (
`AccessToken` VARCHAR(128) PRIMARY KEY,
`DeviceUUID` VARCHAR(128) UNIQUE KEY,
`ExpiryDate` INT(11) NOT NULL
) ENGINE=InnoDB;
ALTER TABLE `tablets` ADD UNIQUE (`SerialCode`);
Schema changes made to production.
Need a protocol for device/tablet to server communication to ensure:
Requirements
[? = Uncertain / Optional]
Under assumptions:
Proposed Implementation
Using HTTP Bearer Authorization. Not full OAuth.
Register API
Renew API
Request Token Generation
(storeId, _request_token_, expiry) UNIQUE (_request token)
Related to #99