From 05ddf6055613df102072a5c667d698dfb44bef43 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 31 Mar 2019 18:44:54 +0300 Subject: Add: facade session storage --- yuck.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/yuck.mdwn b/yuck.mdwn index 352ccd9..67c185a 100644 --- a/yuck.mdwn +++ b/yuck.mdwn @@ -290,6 +290,13 @@ be able to support any store that supports the following: * objects can be search for, based on any field defined below, using case-independent equality or comparison to a pattern +The facade will need to store user login session data, such as the +access and refresh tokens for the user. It will store these in some +secure manner that prevents them from leaking to an attacker, such as +in memory only. It may store them (possibly encrypted) in Muck +instead, if this is needed to allow the facade to be restarted without +breaking sessions, or to run multiple copies of the facade. + ### A user A user resource represents the user. It's object ID is used to -- cgit v1.2.1