# HG changeset patch # User Matthew Wild # Date 1673719180 0 # Node ID a8df4d2447d098e472a77a81e5630a06a946be83 # Parent 18ed655c755d1c67dca19456f34f307a118f68d9 mod_unified_push: README: Update docs diff -r 18ed655c755d -r a8df4d2447d0 mod_unified_push/README.md --- a/mod_unified_push/README.md Sat Jan 14 17:59:29 2023 +0000 +++ b/mod_unified_push/README.md Sat Jan 14 17:59:40 2023 +0000 @@ -26,15 +26,54 @@ ## Configuration -| Name | Description | Default | -|-------------------------------|--------------------------------------------------------|-----------------------| -| unified_push_secret | A random secret string (32+ bytes), used for auth | | -| unified_push_registration_ttl | Maximum lifetime of a push registration (seconds) | `86400` (1 day) | +| Name | Description | Default | +|-------------------------------|---------------------------------------------------------|---------------------------------------------| +| unified_push_acl | A list of domains or users permitted to use the service | current host, or parent host if a component | +| unified_push_backend | Backend to use: "paseto", "storage" or "jwt" | "paseto" (trunk), "storage" (0.12) | +| unified_push_registration_ttl | Maximum lifetime of a push registration (seconds) | `86400` (1 day) | + +### Backends + +The module needs to track registrations, and be able to associate tokens with +users. There are multiple ways to do this, but not every method is supported +on every Prosody version. + +By default the module will automatically select the best backend that is +supported on the current Prosody version you are using. + +#### storage backend + +This is the default backend on Prosody 0.12 and earlier. It stores tokens and +their associated data in Prosody's configured data store. + +Supported by all Prosody versions. + +#### paseto backend + +This is a stateless (i.e. no storage required) backend that uses encrypted +[PASETO tokens](https://paseto.io/) to store registration info. It is the +default backend on Prosody trunk, as PASETO support is not available in +Prosody 0.12 and earlier. + +#### jwt backend + +This is a stateless backend that uses [JWT tokens](https://jwt.io/) to store +registration info. It is supported in Prosody 0.12 and higher. + +**Note:** The JWT tokens are **not encrypted**, which means the JID +associated with a registration is visible to apps and services that send you +push notifications. This can have privacy implications. If in doubt, do not +use this backend. + +This backend requires you to set a secure random string in the config file, +using the `unified_push_secret` option. A random push secret can be generated with the command `openssl rand -base64 32`. Changing the secret will invalidate all existing push registrations. +### HTTP configuration + This module exposes a HTTP endpoint (to receive push notifications from app servers). For more information on configuring HTTP services in Prosody, see [Prosody HTTP documentation](https://prosody.im/doc/http). @@ -57,4 +96,4 @@ ## Compatibility | trunk | Works | -| 0.12 | Should work | +| 0.12 | Works |