surrealpatch/docs/SECURITY.md
2016-02-26 22:28:02 +00:00


Surreal

Surreal is a NoSQL Document and Graph database


Authentication

  • Accept connection on HTTP (RESTful)

  • Check JWT token

    • Get id from token (account id)
    • Get db from token (database name)
    • Check token against database /surreal/{id}/{db}/!/tokens/{token}
    • HTTP 403 if token does not exist
  • Accept connection on HTTP (Websocket)

  • Check JWT token

    • Get id from token (account id)
    • Get db from token (database name)
    • Check token against database /surreal/{id}/{db}/!/tokens/{token}
    • HTTP 403 if token does not exist
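
The token check above applies to both the RESTful and Websocket paths. The sketch below is an added example, not code from the Surreal project. It assumes claim names `id`, `db` and `tk` (token name), HS256 signing, and that the record stored under the token key is that token's signing secret; the page specifies none of these.

```python
import base64, hashlib, hmac, json, re

# Assumed: claims "id", "db", "tk" (token name); HS256; the stored record is the signing secret.
SEGMENT = re.compile(r"[A-Za-z0-9_-]{1,64}")

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac_for(head, body, secret):
    return hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign(claims, secret, alg="HS256"):
    """Build a JWT; used only to construct the sample input below."""
    head = b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(mac_for(head, body, secret))}"

def authenticate(jwt, store):
    """Return (HTTP status, claims); every failure path is a 403."""
    try:
        head, body, sig = jwt.split(".")
        header, claims, mac = json.loads(unb64url(head)), json.loads(unb64url(body)), unb64url(sig)
        parts = [claims["id"], claims["db"], claims["tk"]]
    except (ValueError, KeyError, TypeError):
        return 403, None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return 403, None  # refuse "none" and any algorithm the token picks for itself
    if not all(isinstance(p, str) and SEGMENT.fullmatch(p) for p in parts):
        return 403, None  # "/" or ".." in a claim must not steer the key lookup
    secret = store.get("/surreal/{}/{}/!/tokens/{}".format(*parts))
    if secret is None:
        return 403, None  # token does not exist
    if not hmac.compare_digest(mac, mac_for(head, body, secret)):
        return 403, None  # claims were not signed with this token's secret
    return 200, claims

# Constructed sample data (not real accounts or secrets)
STORE = {"/surreal/acme/prod/!/tokens/web": b"constructed-secret"}
GOOD = sign({"id": "acme", "db": "prod", "tk": "web"}, b"constructed-secret")
FORGED = sign({"id": "acme", "db": "prod", "tk": "web"}, b"guess")
UNKNOWN = sign({"id": "acme", "db": "prod", "tk": "old"}, b"constructed-secret")
TRAVERSAL = sign({"id": "acme/prod/!/tokens", "db": "..", "tk": "web"}, b"constructed-secret")

if __name__ == "__main__":
    for name in ("GOOD", "FORGED", "UNKNOWN", "TRAVERSAL"):
        print(name, authenticate(globals()[name], STORE)[0])
```

Because `id` and `db` are read from the token before anything has been verified, they are validated as path segments before they are used to build the lookup key, and the signature is checked only against the secret found at that key.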