JSON Web Token Security Enhancement #36

Open
opened 2020-03-24 14:26:42 -07:00 by Max · 0 comments
Owner

Add additional data to the json web token that makes it more secure for the user.

  • Add some amount of time before it times out, like 30 days or something.
  • Add some data other than the user ID to make sure the same token can't be used on multiple devices
  • Add some data that ensures the user created it and it wasn't copied by someone who knew the password to to create the token.
  • Add a set number of requests per token. Have some way to refresh request count like opening a note, saving a note, etc
Add additional data to the json web token that makes it more secure for the user. * Add some amount of time before it times out, like 30 days or something. * Add some data other than the user ID to make sure the same token can't be used on multiple devices * Add some data that ensures the user created it and it wasn't copied by someone who knew the password to to create the token. * Add a set number of requests per token. Have some way to refresh request count like opening a note, saving a note, etc
Max added the
Security
Enhancement
labels 2020-03-24 14:26:42 -07:00
Sign in to join this conversation.
No Milestone
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Max/SolidScribe#36
No description provided.