Closed xsyann closed 1 year ago
Allow users to login using a JWT provided in query param.
For instance: https://app.lemverse.com?token={jwt_token} The minimal required payload is the user email in the sub claim:
https://app.lemverse.com?token={jwt_token}
sub
{ "sub": "user@example.com" }
Additional standard claims can be used (for instance to limit the token validity in a time range):
{ "sub": "user@example.com", "nbf": 1667563200, "exp": 1667570400, }
and a custom level_id claim allows to log-in a user in a specific level:
level_id
{ "sub": "user@example.com", "level_id": "lvl_nENCytZvbcHhxsFSt" }
When "jwtAuthSecret" is not provided in the settings, the JWT login handler is completely disabled.
"jwtAuthSecret"
This feature allows to generate time ranged login links from a third party app.
Allow users to login using a JWT provided in query param.
For instance:
https://app.lemverse.com?token={jwt_token}
The minimal required payload is the user email in thesub
claim:Additional standard claims can be used (for instance to limit the token validity in a time range):
and a custom
level_id
claim allows to log-in a user in a specific level:When
"jwtAuthSecret"
is not provided in the settings, the JWT login handler is completely disabled.This feature allows to generate time ranged login links from a third party app.