Closed skull-squadron closed 1 year ago
Thank you for your input. Rodauth does not require JWT (you can use the JSON API without JWT), but it does support JWT. This is not a bug in Rodauth, so I'm closing this.
Not a bug, but a consideration. :) Also, have you had a look at PAKE protocols such as OPAQUE?
@steakknife Considerations should be posted on GitHub discussions, not issues 😉. Issues are for bug reports that have a specific solution, issues' open/close state doesn't work well for discussions.
I didn't even know you had issues enabled. :D
Cool.
On Mon, Sep 5, 2022 at 2:48 AM Janko Marohnić @.***> wrote:
@steakknife https://github.com/steakknife Considerations should be posted on GitHub discussions, not issues 😉. Issues are for bug reports that have a specific solution, issues' open/close state doesn't work well for discussions.
— Reply to this email directly, view it on GitHub https://github.com/jeremyevans/rodauth/issues/261#issuecomment-1236654710, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABWYMGJXPW3JML2UEXBMZTV4WQVPANCNFSM6AAAAAAQET6ZIQ . You are receiving this because you were mentioned.Message ID: @.***>
On Mon, Sep 5, 2022 at 6:46 PM Barry Allard @.***> wrote:
I didn't even know you had issues enabled. :D
Cool.
On Mon, Sep 5, 2022 at 2:48 AM Janko Marohnić @.***> wrote:
@steakknife https://github.com/steakknife Considerations should be posted on GitHub discussions, not issues 😉. Issues are for bug reports that have a specific solution, issues' open/close state doesn't work well for discussions.
— Reply to this email directly, view it on GitHub https://github.com/jeremyevans/rodauth/issues/261#issuecomment-1236654710, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABWYMGJXPW3JML2UEXBMZTV4WQVPANCNFSM6AAAAAAQET6ZIQ . You are receiving this because you were mentioned.Message ID: @.***>
Interesting project. I was looking to implement WebAuthn SSO at home using a FIDO2 solution.
Security tokens
I was having a look around and noticed JWT.
PASETO vs. JW[TES]
https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid
https://paseto.io