Open nleroy917 opened 1 week ago
The "bad tokens" implementation is easy and, with the help of a library like slowapi, could be only a few lines of code.
"A user can only mint 5 tokens max" is another great idea proposed by @khoroshevskyi.
Maybe a combination of everything would be sufficient to deter anyone from being mean and crashing pephub :)
Ok -- I have implemented:
I suppose yet another option we could employ is periodically purging the "bad jwts" list and checking for expired keys (they can be removed since they will be rejected anyways on the basis that they are expired).
Last question I have is what to do here:
This PR adds the ability for users to create new API tokens on the fly for themselves through the PEPhub user interface. This is just a little easier than using a CLI to do the same thing. Directly addresses: #313
Features
Caveats
The revoking problem
Revoking a token doesn't invalidate it! Because the JWT is a self-contained entity, revoking it does nothing. As long as it was minted with the appropriate secret, it is valid!
A potential workaround is to keep a list of "bad"/"revoked" JWTs and check these on the server when the authorization header is parsed for authorized requests:
A downside to this is it sets the stage for a nefarious actor to pollute the "bad tokens" in-memory store by continuously minting and revoking tokens until memory runs out. This could be solved via rate limiting the minting of tokens.
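The three mechanisms discussed in this thread (a per-user cap on active tokens, an in-memory "bad tokens" denylist consulted when the Authorization header is parsed, and periodic purging of denylist entries whose `exp` has already passed) can be sketched together. The following is an added illustration written for this review, not code from the PR or from pephub, and it assumes a stdlib-only HS256 encoder in place of a JWT library, a placeholder secret, a `jti` claim on every minted token so the denylist can key on it, and a `TokenStore` class whose names are hypothetical; slowapi-style request rate limiting is left out.

```python
import base64
import hashlib
import hmac
import json
import time
import uuid
from typing import Dict, Optional

# Constructed placeholder secret; a real deployment loads it from configuration.
SECRET = b"placeholder-secret-change-me"
MAX_TOKENS_PER_USER = 5  # the cap proposed in the thread


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_jwt(payload: dict, secret: bytes = SECRET) -> str:
    """Minimal HS256 JWT encoder (stdlib only; stands in for a JWT library)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (
        _b64url(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + _b64url(json.dumps(payload, separators=(",", ":")).encode())
    )
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_jwt(token: str, secret: bytes = SECRET, now: Optional[float] = None) -> Optional[dict]:
    """Return the claims when the signature checks out and the token is unexpired, else None."""
    try:
        h, p, s = token.split(".")
        expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(s)):
            return None
        claims = json.loads(_b64url_decode(p))
    except ValueError:  # malformed segments or bad base64 (binascii.Error is a ValueError)
        return None
    now = time.time() if now is None else now
    if claims.get("exp", 0) <= now:
        return None
    return claims


class TokenStore:
    """Per-user active-token cap plus an in-memory denylist keyed by jti (hypothetical)."""

    def __init__(self, max_per_user: int = MAX_TOKENS_PER_USER):
        self.max_per_user = max_per_user
        self.active: Dict[str, Dict[str, float]] = {}  # user -> {jti: exp}
        self.revoked: Dict[str, float] = {}  # jti -> exp, so purge() knows when it can go

    def mint(self, user: str, ttl: float, now: float) -> str:
        # Only unexpired tokens count toward the cap; expired ones are rejected anyway.
        live = {j: e for j, e in self.active.get(user, {}).items() if e > now}
        if len(live) >= self.max_per_user:
            raise PermissionError(f"{user} already has {self.max_per_user} active tokens")
        jti, exp = uuid.uuid4().hex, now + ttl
        live[jti] = exp
        self.active[user] = live
        return mint_jwt({"sub": user, "jti": jti, "iat": now, "exp": exp})

    def revoke(self, token: str, now: float) -> bool:
        claims = verify_jwt(token, now=now)
        if claims is None:
            return False  # forged or expired: already rejected, so nothing to remember
        self.revoked[claims["jti"]] = claims["exp"]
        self.active.get(claims["sub"], {}).pop(claims["jti"], None)
        return True

    def is_authorized(self, token: str, now: float) -> bool:
        """What the server would run after parsing the Authorization header."""
        claims = verify_jwt(token, now=now)
        return claims is not None and claims["jti"] not in self.revoked

    def purge(self, now: float) -> int:
        """Drop denylist entries whose exp has passed; return how many were removed."""
        dead = [j for j, e in self.revoked.items() if e <= now]
        for j in dead:
            del self.revoked[j]
        return len(dead)


def can_mint(store: TokenStore, user: str, now: float) -> bool:
    """Helper for checking the cap without raising."""
    try:
        store.mint(user, 3600, now)
        return True
    except PermissionError:
        return False
```

Keying the denylist on `jti` rather than the full token keeps each entry small and, because the entry records the token's own `exp`, `purge()` can be run on a timer and remove only what the signature check would reject anyway, which bounds the growth of the in-memory store independently of any rate limit.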