Mercurial > p > roundup > code
view website/www/docs.txt @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | e3b35dcf0dcb |
| children | e3b34d02c61a |
line wrap: on
line source
.. meta:: :description: Table of contents for published documentation on the Roundup Issue Tracker. Docs ==== .. admonition:: Welcome The documentation is slowly being reorganized using the `Diataxis framework`_. Help with the reorganization is welcome. If a page you used to see is missing, try checking the `Other Docs <olderdocs.html>`_ page. See: https://wiki.roundup-tracker.org/ReleaseErrata for fixes to documentation. .. _diataxis framework: https://diataxis.fr/ .. toctree:: :maxdepth: 2 Features <docs/features> Installation <docs/installation> Upgrading to Newer Versions <docs/upgrading> Security Issues <docs/security> FAQ <docs/FAQ> User's Guide <docs/user_guide> Customising <docs/customizing> Rest API <docs/rest> XML-RPC API <docs/xmlrpc> Reference <docs/reference> Glossary <docs/glossary> docs/admin_guide docs/license docs/acknowledgements olderdocs