Open ferdn4ndo opened 3 years ago
Let's implement a JWT approach with token login (informing an API-Key to authenticate in the /login endpoint), and we store this token as a key for a JSON payload containing the metadata (if has admin access or not and maybe a name). That way we will be able to support user/password login in the future if we want to.
Implement JWT authentication system over the base Tornado environment.
Might be useful: https://github.com/vsouza/JWT-Tornado