Voedger Internals
  • Introduction
  • 💡Concepts
    • Event Sourcing & CQRS
    • Editions (deprecated)
      • Community Edition
      • Standart Edition
      • Standart Edition (v1)
  • 🚀Server
    • Overview (Server)
    • Design
      • Query Processor
      • API Gateway implementation
      • N1 Cluster
      • N3 Cluster
      • N5 Cluster
      • Orchestration
      • Sequences
      • Packages overview
        • sys
        • registry
    • Features
      • API Gateway
        • API v2
          • Conventions
            • API URL
            • HTTP methods and processors
            • Naming conventions
            • Query constraints
            • Error handling
          • Documents and records
            • Create document or record
            • Update document or record
            • Deactivate document or record
            • Read document or record
            • Read from CDoc collection
          • Queries
            • Read from query
          • Views
            • Read from view
          • Commands
            • Execute command
          • BLOBs
            • Create BLOB
            • Read BLOB
          • Temporary BLOBs
            • Create temporary BLOB
            • Read temporary BLOB
          • Schemas
            • List app workspaces
            • List workspace roles
            • Read workspace role schema
        • API v1
          • API Conventions
          • BLOBs
      • Admin Endpoint
      • Clusters
        • Bootstrap
        • Monitoring
        • Secure prometheus and grafana
        • Alerting
        • Maintenance
          • SELECT, UPDATE
      • VVMs
      • Applications
        • Deploy Application
        • Sidecar Applications
      • AuthNZ
        • Issue Principal Token
        • Refresh Principal Token
        • Enrich Principal Token
        • ACL Rules
        • Global Roles
      • Data types
        • Core types
        • Small integers
        • Uniques With Multiple Fields
        • Verifiable Fields
      • Workspaces
        • Create Workspace
        • Deactivate Workspace
        • See also (Workspaces)
      • Invites
        • Invite to Workspace
        • Join Workspace
        • Leave Workspace
        • Cancel sent Invite
        • Cancel accepted Invite
        • Update Invite roles
      • Users
        • Create a new user
        • Change user password
        • Send Email
        • Reset password
        • Change Email
      • Notifications
        • Heartbeats
      • Devices
        • Create a new device
        • Join device to workspace
      • Jobs
      • DMBS Drivers
        • AmazonDB Driver
      • Frozen
        • Ephemeral Storage
        • Storage Extensions
  • 🛠️Framework
    • Overview (Framework)
    • Features
      • vpm
      • vpm init
      • vpm tidy
      • vpm baseline
      • vpm orm
      • vpm build
      • API for testing
  • Development
    • Requirements Management
    • Requirements Management (Overview)
Powered by GitBook
On this page
  • Motivation
  • Functional Design
  • Headers
  • Parameters
  • Body
  • Result
  • Technical design
  • Components

Was this helpful?

Edit on GitHub
  1. 🚀Server
  2. Features
  3. AuthNZ

Issue Principal Token

Motivation

Issue (create) a new principal token in exchange for valid credentials.

Functional Design

POST /api/v2/apps/{owner}/{app}/auth/login

Headers

Key
Value

Content-Type

application/json

Parameters

Parameter
Type
Description

owner

string

name of a user who owns the application

app

string

name of an application

Body

JSON object:

{
  "Login": "login",
  "Password": "password"
}

Result

Code
Description
Body

200

OK

Returns an access token, see below

400

Bad Request

401

Unauthorized

429

Too may requests, rate limiting

500+

Server errors / service unavailable

Example result 200:

{
  "PrincipalToken": "abc.def.ghi",
  "ExpiresIn": 3600, // seconds
  "WSID": 1234567890
}

Technical design

Components

  • pkg/router

    • URL path handler ~cmp.routerLoginPathHandler~✅:

      • reads Login and Password from the Body;

      • sends APIPath_Auth_Login request to QueryProcessor;

  • pkg/processors/query2

    • IApiPathHandler implementation for handling APIPath_Auth_Login

      • ~cmp.authLoginHandler~✅

        1. using login from the argument, generates pseudo-WSID

        2. makes federation post to registry to issue a token

    • newQueryProcessorPipeline: provide API handler for APIPath_Auth_Login

      • ~cmp.provideAuthLoginHandler~✅

    • openapi:

      • add /auth/login to the list of API paths; ~cmp.provideAuthLoginPath~✅

      • add PrincipalToken component schema; ~cmp.principalTokenSchema~✅

  • pkg/sys/it

    • integration test for /login

      • ~it.TestLogin~✅

PreviousAuthNZNextRefresh Principal Token

Last updated 1 day ago

Was this helpful?

error object
error object
error object
error object