Closed programming-kid closed 10 years ago
Yes, please see the wiki.
cool but there is one thing i dont understand , if authentication is based on jwt why is there a sessions collection created . as per my understanding whole point of jwt is to eliminate sessions , rather use tokens .
Can anyone pls explain auth process or point to some ref article .
Sessions are only used for the twitter oAuth passport strategy: https://github.com/jaredhanson/passport-twitter/issues/43
i just generated a app without including twitter oauth it still creates session collection
{
_id: "8RD2jKBCO6MfyhsPD8QKzEDf",
session: "{\"cookie\":{\"originalMaxAge\":null,\"expires\":null,\"httpOnly\":true,\"path\":\"/\"}}",
expires: ISODate("2014-07-17T07:40:04.109Z")
}
is this the expected behavior ??
It is expected, but I probably should make the sessions depend on using twitter oAuth
yep :+1:
It would be nice to have token based authentication in 2.0 release @DaftMonk do you have any plans to include token based authentication in fullstack .
Thanks