Closed Mazon closed 5 years ago
How are the tokens stored in the DB, would it make sense to store the sessions as hash only?
This is the information saved from the token: https://github.com/ueberauth/guardian_db/blob/0b8683117dcf8cb7c017993df7f87972b41746ed/lib/guardian/db/token.ex#L15-L25
You rely on JWT encryption to validate and retrieve the token back https://github.com/ueberauth/guardian_db/blob/0b8683117dcf8cb7c017993df7f87972b41746ed/lib/guardian/db.ex#L137
You save the JWT token as API key, Guardian.DB will keep track of that token in the database using the hooks from the documentation, so it is easier for you to invalidate the tokens.
From your use cases, it seems you need something like OAuth2 Provider instead.
Useful links
Also, I will encourage you to ask this question in Ueberauth Slack channel or Elixir forum since more people will be able to help you; this is a per-application use case.
Thank you, that was an awesome answer.
How are the tokens stored in the DB? Would it make sense to store the sessions as hash only, or have the option of storing them as hash? One use case is using JWT as an API key for server-to-server communications and using the same auth framework (guardian + guardian db) for user sessions, but with a token that lives forever.
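
The hash-only storage asked about in this thread, sketched as an added example; it is not Guardian.DB code or anything posted by the participants. The module name `HashedTokenStore`, its functions and the sample tokens are hypothetical, and a plain map stands in for the database table.

```elixir
defmodule HashedTokenStore do
  # Hypothetical in-memory stand-in for a token table that keeps only a
  # SHA-256 digest of each JWT, never the JWT itself. Not Guardian.DB code.

  # Unsalted SHA-256 is used as the lookup key. Assumption: the token is a
  # signed JWT, so it is a high-entropy value, unlike a password.
  def digest(jwt) when is_binary(jwt) do
    :crypto.hash(:sha256, jwt) |> Base.encode16(case: :lower)
  end

  # Record a freshly issued token: digest plus the claims needed for
  # housekeeping. "exp" is Unix seconds, or absent for a non-expiring API key.
  def track(store, jwt, %{"sub" => sub} = claims) do
    Map.put(store, digest(jwt), %{sub: sub, exp: Map.get(claims, "exp")})
  end

  # Accept a presented token only if its digest is still on record and it
  # has not expired. Signature verification must already have succeeded.
  def active?(store, jwt, now \\ System.os_time(:second)) do
    case Map.fetch(store, digest(jwt)) do
      {:ok, %{exp: nil}} -> true
      {:ok, %{exp: exp}} -> exp > now
      :error -> false
    end
  end

  # Revoke one token by presenting it.
  def revoke(store, jwt), do: Map.delete(store, digest(jwt))

  # Revoke every token of a subject without knowing any token value.
  def revoke_all(store, sub) do
    Map.reject(store, fn {_digest, row} -> row.sub == sub end)
  end
end

# Constructed sample values (opaque strings standing in for real JWTs).
api_key = "constructed.api-key.token"
session = "constructed.session.token"

store =
  %{}
  |> HashedTokenStore.track(api_key, %{"sub" => "service:billing"})
  |> HashedTokenStore.track(session, %{"sub" => "user:1", "exp" => 1_700_000_000})

IO.inspect(HashedTokenStore.active?(store, api_key))
IO.inspect(HashedTokenStore.active?(store, session, 1_700_000_001))
store = HashedTokenStore.revoke(store, api_key)
IO.inspect(HashedTokenStore.active?(store, api_key))
```

With only digests stored, a leaked table does not yield usable API keys, but the database can no longer hand a token back: the caller must present it, and a lost long-lived key has to be reissued.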