1 # @squeep/resource-authentication-module
3 Inter-server API authentication management.
5 Specific to Squeep Framework Applications, this module has strong opinions and makes many assumptions.
7 This is just a time-gated pre-shared-secret HMAC bearer-token scheme.
11 A token is constructed with:
13 - a resource identifier, which is a UUID, rendered as 24 bytes of base64url encoded string
14 - the current epoch, which is rendered as a base10 string
15 - a salt value, which is random data rendered in 28 bytes of base64url encoded string
16 - a sha256 hmac of the above data, rendered as a base64url encoded string
18 These fields are all joined with ':' to form the token.