Lines Matching +full:long +full:- +full:lived

9 The build options needed are `-DLWS_WITH_JOSE=1` `-DLWS_WITH_GENCRYPTO=1`.
12 and finally a JWT-via http cookie level creation apis each building on top of
19 doing, you can cut-and-paste out those implementations and create your own
24 Lws JWT uses mainly well-known fields
27 ---|---|---
30 iat|yes|Unix-time "Issued At"
31 nbf|yes|Unix-time "Not Before"
32 exp|yes|Unix-time "Expired"
34 csrf|no|A random 16-char hex token generated with the JWT for use in links specific to the JWT bear…
35 ext|no|Application-specific JSON sub-object with whatever fields you need, eg, `"authorization": 1`
45 token's validity time, usually to a few tens of minutes or how long it takes a
52 performs some action with side-effects on the site he has active auth on.  For
66 forged links, so the attacker-controlled action gets rejected at the server as
76 perform actions with side-effects like deletion or money transfer should need
84 re-fetched.  Even if the contents are visible without authentication, additional
94 stored in the browser's password store and receive a new short-term JWT with a
98 ## Considerations for long-lived connections
100 Once established as authorized, websocket links may be very long-lived and hold
105 At least for actions on the long-lived connection, it should not only confirm
110 Ideally the server should close long-lived connections according to their auth
115 The related apis are in `./include/libwebsockets/lws-jws.h`
153 	/**< sign-entry, validate-exit: subject */
155 	/**< sign-entry, validate-exit:
158 	/**< validate-exit:
161 	/**< validate-entry:
163 	unsigned long			expiry_unix_time;
164 	/**< sign-entry: seconds the JWT and cookie may live,
165 	 * validate-exit: expiry unix time */