Endpoint to check tokens

reporangler / auth-service

A webservice to handle authentication for repository access

MIT License

0 stars 0 forks source link

Endpoint to check tokens #2

Closed christhomas closed 5 years ago

christhomas commented 5 years ago

When a user logs in a token should be generated and stored in the 'tokens' table. This token is replied to the user in the response and it's used for subrequest authentication for other services instead of constantly passing around the password.

We need the following:

an endpoint to submit the token for checking
a service to check the token for that username on that repository is valid
if invalid, remove it and return false
if valid, return a valid user data array

christhomas commented 5 years ago

I created the new endpoint, it'll return the user associated with the token, remove expired tokens, or 404 when it's not found.