QSS: Prepare a basic server implementation for hosting and serving invitation data

[siepra]

For the first iteration, we can build a server with NodeJS that lives on an EC2 instance lambda in AWS.

It can have a single API endpoint: https://api.tryquiet.org/invite/<CID> where CID is the CID of the invite data file.

The endpoint can support GET and PUT calls and can authenticate via basic authentication with an API token.

This endpoint will serve a JSON object with the following format:

{
   id: string
   rootCa: string
   ownerCertificate: string
   ownerOrbitDbIdentity: string
   peerList: string[]
}

[siepra]

@leblowl I think this payload misses a very important part of information which is 'general' channel data. We need it to allow user into the app and send 'welcome' message.

Also am I getting it right that for now we're not interested in hosting an actual Orbitdb-ready file, but just a JSON containing mentioned information instead?

[siepra]

@leblowl what ideas do you have on "basic authentication with an API token"? Should it be like jwt for anyone who requests it?

[leblowl]

Also am I getting it right that for now we're not interested in hosting an actual Orbitdb-ready file, but just a JSON containing mentioned information instead?

I'm not sure, we can choose whichever path seems more appropriate.

what ideas do you have on "basic authentication with an API token"? Should it be like jwt for anyone who requests it?

I'd just use the Authorization header, e.g. Authorization: Basic <base64_encoded_access_token> and just hard-code an access token in config or whatever is easiest for now. https://en.wikipedia.org/wiki/Basic_access_authentication