Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gracefully transition from old secret to new secret key #2

Open
amitguptagwl opened this issue Oct 5, 2018 · 0 comments
Open

Gracefully transition from old secret to new secret key #2

amitguptagwl opened this issue Oct 5, 2018 · 0 comments
Labels
first-timers-only This issue is suitable for first timers. However, can be picked by any contributors good first issue Good for newcomers help wanted Extra attention is needed

Comments

@amitguptagwl
Copy link
Member

A user may not want to use the same secret to encrypt/decrypt the session-id. But if he/she changes the secret, it'll invalidate all the previously encrypted session-ids. So we want to introduce an option "transition"

{
  transition: {
     duration: 3600, //in seconds
     secret: "some complex secret"
  }
}

When this property is present, all the previous sessions will be renewed using the new secret And all the new sessions will be created using the new secret. Next time when the user wants to update the key, he needs to copy new key to the old key and very new key to transition.secret.
@amitguptagwl amitguptagwl added help wanted Extra attention is needed good first issue Good for newcomers first-timers-only This issue is suitable for first timers. However, can be picked by any contributors labels Oct 5, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
first-timers-only This issue is suitable for first timers. However, can be picked by any contributors good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@amitguptagwl