You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Joken, the library we're using for handling JWTs, supports more than just the HS* algorithms. The idea is to use the hs/rs/... functions found in signer.ex and support specifying the algorithm using an additional environment variable. For example:
Currently
RIG supports
hs256
only; the secret is read fromJWT_SECRET_KEY
.Idea:
Joken, the library we're using for handling JWTs, supports more than just the HS* algorithms. The idea is to use the
hs
/rs
/... functions found insigner.ex
and support specifying the algorithm using an additional environment variable. For example:or
Basically, you'd do something along the lines of:
Additional thoughts
Joken does not support token encryption, which might be a future requirement. Here's a nice overview about JWT algorithms and what they're used for.
The text was updated successfully, but these errors were encountered: