Skip to content
Snippets Groups Projects
Commit 3146b538 authored by Victor Löfgren's avatar Victor Löfgren
Browse files

Add section about JWT in overview

parent f82de126
No related branches found
No related tags found
1 merge request!159Resolve "Documentation"
......@@ -26,3 +26,13 @@ The Node server will then send them back to the client.
The client can also communicate directly with the server via sockets.
These are suited for fast real time communication.
Thus they are used during an active presentation to sync things between different views such as current slide and timer.
### JSON Web Tokens (JWT)
We use JSON Web Tokens (JWT) for authentication, both for API and socket events.
A JWT is created on the server when a user logs in or connects to competition.
We store some information in JWT, which can be seen in the file `server/app/apis/auth.py`.
The JWT is also encrycpted using the secret key defined in `server/configmodule.py`.
(OBS. Change this key before running the server in production).
The client can read the contents of the JWT but cannot modify them because it doesn't have access to the secret key.
This is why the server can simply read the contents of the JWT be sure that the client is who it says it is.
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment