mod_auth_internal_jwt

A Prosody SASL module to authenticate users using a JWT (JSON Wet Token).

Example Config

VirtualHost "host.tld"
    authentication = "internal_jwt"
    jwt_signing_secret = "something-decently-secret-with-entropy"
    ssl = {
        -- Setup TLS Ok?
        -- Otherwise the token would be clear text and that's bad
    }

The token

{
    "jid": "[email protected]"
}

Todo

Nonces to prevent replay attacks
Timestamps to prevent old tokens authenticating
Expiry timestamp for the same reason
Per user secrets stored in the manager?
More than one secret?

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md
jwt.lib.lua		jwt.lib.lua
mod_auth_internal_jwt.lua		mod_auth_internal_jwt.lua

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

mod_auth_internal_jwt

Example Config

The token

Todo

About

Releases

Packages

Languages

alexwright/prosody-mod-auth-jwt

Folders and files

Latest commit

History

Repository files navigation

mod_auth_internal_jwt

Example Config

The token

Todo

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages