Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Follow-up PR #967 - Rely on the API to get authenticated user info and manage logout #968

Open
3 tasks
morucci opened this issue Oct 18, 2022 · 0 comments
Open
3 tasks

Comments

@morucci
Copy link
Collaborator

morucci commented Oct 18, 2022

Here is a proposal

  • Update the whoiam [1] endpoint to return the authenticated user's info as well as the expiration date of the JWT token.
  • Before the rendering the Web APP must call the whoami endpoint to discovered if the user own an authenticated session. The Web APP's store is then filed accordingly.
  • Add a new logout API endpoint that use servant-auth-server clear-session [2]

[1] https://github.com/change-metrics/monocle/blob/master/src/Monocle/Api/Server.hs#L100
[2] https://hackage.haskell.org/package/servant-auth-server-0.4.7.0/docs/src/Servant.Auth.Server.Internal.Cookie.html#clearSession

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant