From fb2dce5414988ffc26190b778068b8261aa65121 Mon Sep 17 00:00:00 2001 From: Nathan Coad Date: Thu, 28 Dec 2023 15:48:21 +1100 Subject: [PATCH] readme update --- README.md | 6 +++--- index.htm | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index edcfc03..27712af 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,9 @@ Build Hash: `{SHA1VER}` ## Overview -Provide REST API for CRUD to store and retrieve secrets. Only password is encrypted, via AES256 GCM. Values stored encrypted within a sqlite database. +Provide REST API for CRUD to store and retrieve secrets with associated username, device name and optionally device class. Secret is stored in sqlite database once encrypted using an AES256 block cipher wrapped in Galois Counter Mode with the standard nonce length. -A successful authentication returns a JWT token which must be provided for all other operations. +All secret operations (Create, Read, Update or Delete) require successful authentication. A JWT token is returned upon login, which must be provided for all other operations. Multiple user roles are supported, with each user only able to access secrets matching their user role. One exception is the built in administrator role that is able to access all secrets. @@ -97,7 +97,7 @@ Data "password": "" } ``` -This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of `access_token`. +This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of `access_token`, and must be supplied via a HTTP header in the form `"Authorization: Bearer "` for all subsequent API calls. #### List Roles GET `/api/admin/roles` 
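Review bot: The rewritten Overview sentence in README.md drops "Only password is encrypted", so the README no longer says whether the username, device name and device class it now lists are stored unencrypted. If that is still the behaviour, keep it explicit next to the new wording, for example "Only the secret is encrypted; username, device name and device class are stored in plaintext".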
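Review bot: In the added login sentence of the second README.md hunk, "a HTTP header" should read "an HTTP header". As shown here the header form is `"Authorization: Bearer "` with no token placeholder, while the matching index.htm line has `<JWT_TOKEN>`; make both files carry the same form with the placeholder visible.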
diff --git a/index.htm b/index.htm index c308f55..5f8a6ad 100644 --- a/index.htm +++ b/index.htm @@ -6,9 +6,9 @@

Overview

-

Provide REST API for CRUD to store and retrieve secrets. Only password is encrypted, via AES256 GCM. Values stored encrypted within a sqlite database.

+

Provide REST API for CRUD to store and retrieve secrets with associated username, device name and optionally device class. Secret is stored in sqlite database once encrypted using an AES256 block cipher wrapped in Galois Counter Mode with the standard nonce length.

-

A successful authentication returns a JWT token which must be provided for all other operations.

+

All secret operations (Create, Read, Update or Delete) require successful authentication. A JWT token is returned upon login, which must be provided for all other operations.

Multiple user roles are supported, with each user only able to access secrets matching their user role. One exception is the built in administrator role that is able to access all secrets.
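Review bot: "the standard nonce length" in the added Overview paragraph is never defined, and the paragraph does not say how the nonce is chosen, which matters because GCM loses its guarantees when a nonce repeats under the same key. State the length in bytes and how the nonce is generated for each encryption; "an AES256 block cipher wrapped in Galois Counter Mode" can also be shortened to AES-256-GCM.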

@@ -168,7 +168,7 @@ WantedBy=multi-user.target } -

This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of access_token.

+

This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of access_token, and must be supplied via a HTTP header in the form "Authorization: Bearer <JWT_TOKEN>" for all subsequent API calls.

List Roles
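Review bot: The added login paragraph in index.htm is a hand-made copy of the README.md change (the diffstat shows the same 3 insertions and 3 deletions in each file), so the two documents can drift on the next edit. Consider generating index.htm from README.md, or say in the commit message that both files must be updated together.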