Mercurial > prosody-modules
comparison mod_sasl2_fast/README.md @ 5092:6594e7a9a174
mod_sasl2_fast: Add README
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 28 Nov 2022 12:06:28 +0000 |
| parents | |
| children | 745c7f4cca40 |
comparison
equal
deleted
inserted
replaced
| 5091:ec9bca2ac2b5 | 5092:6594e7a9a174 |
|---|---|
| 1 --- | |
| 2 labels: | |
| 3 - Stage-Beta | |
| 4 summary: "Fast Authentication Streamlining Tokens" | |
| 5 --- | |
| 6 | |
| 7 This module implements a mechanism via which clients can exchange a password | |
| 8 for a secure token, improving security and streamlining future reconnections. | |
| 9 | |
| 10 At the time of writing, the XEP that describes the FAST protocol is still | |
| 11 working its way through the XSF standards process. You can [view the FAST XEP | |
| 12 proposal here](https://xmpp.org/extensions/inbox/xep-fast.html). | |
| 13 | |
| 14 This module depends on [mod_sasl2]. | |
| 15 | |
| 16 ## Configuration | |
| 17 | |
| 18 | Name | Description | Default | | |
| 19 |---------------------------|--------------------------------------------------------|-----------------------| | |
| 20 | sasl2_fast_token_ttl | Default token expiry (seconds) | `86400*21` (21 days) | | |
| 21 | sasl2_fast_token_min_ttl | Time before tokens are eligible for rotation (seconds) | `86400` (1 day) | | |
| 22 | |
| 23 The `sasl2_fast_token_ttl` option determines the length of time a client can | |
| 24 remain disconnected before being "logged out" and needing to authenticate with | |
| 25 a password. Clients must perform at least one FAST authentication within this | |
| 26 period to remain active. | |
| 27 | |
| 28 The `sasl2_fast_token_min_ttl` option defines how long before a token will be | |
| 29 rotated by the server. By default a token is rotated if it is older than 24 | |
| 30 hours. This value should be less than `sasl2_fast_token_ttl` to prevent | |
| 31 clients being logged out unexpectedly. |