noth/surrealpatch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
surrealpatch/doc/SECURITY.md
Tobie Morgan Hitchcock e758a8e8fc Move docs/ to doc/
2016-08-10 10:52:56 +01:00

589 B
Raw Blame History

Surreal

Surreal is a NoSQL Document and Graph database

Authentication

  • Accept connection on HTTP (RESTful)

  • Check JWT token

    • Get id from token (account id)
    • Get db from token (database name)
    • Check token against database /surreal/{id}/{db}/!/tokens/{token}
    • HTTP 403 if token does not exist

  • Accept connection on HTTP (Websocket)

  • Check JWT token

    • Get id from token (account id)
    • Get db from token (database name)
    • Check token against database /surreal/{id}/{db}/!/tokens/{token}
    • HTTP 403 if token does not exist