Skip to content
New issue
Jump to bottom

Load JWT path from environment file #14

Closed
campb303 opened this issue Mar 17, 2021 · 1 comment
Closed

Load JWT path from environment file #14

campb303 opened this issue Mar 17, 2021 · 1 comment
Labels
feature-request Request for functionality that has not already been implemented

Comments

@campb303
Copy link
Collaborator

Continued from ECN/webqueue2-frontend#187

In order to sync the JWT token path, the API should be modified to accept an override for this path via an environment variable files and/or string.
@campb303 campb303 added the feature-request Request for functionality that has not already been implemented label Mar 17, 2021
@campb303 campb303 added this to the v2-production-ready milestone Mar 17, 2021
@campb303 campb303 mentioned this issue Mar 17, 2021
Closed
@campb303
Copy link
Collaborator Author

After reconsideration of risks, I don't think it is necessary to restrict the JWT path. The cookie containing the refresh token is HTTP Only and Secure meaning it is not accessible to the client and only sent over an encrypted connection. Therefore to save some headache we can let the JWT path default to / and be done with this. Will make this change in staging now.

Sign in to join this conversation on GitHub.
Assignees
No one assigned
Labels
feature-request Request for functionality that has not already been implemented
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@campb303