As everything in Where U At? it's a REST implementation that looks like the following (a few details are omitted):
- POST: /tokens
- Request Data
- password
- manufacturerId
- Returns: Token
- GET: /tokens/{UUID}
- Returns: Token
- DELETE: /tokens/{UUID}
- Token
- token_id
- expiration
- user_id
- device_id
- User
- user_id
- name
- password (one way encrypted)
- Device
- device_id
- type
- manufacturer_id
- security_id
Any application can create a token (i.e. login) and store the token or token_id locally and reuse that. For any requests to our other services you simply pass an X-Token header with the token_id as the value. The other resources will validate the token is valid (i.e. that it exists and is not expired).
Any application can verify the token using a GET request if they so desire. Additionally, they can delete a token to perform a logout.
A token_id has the same security behavior as a cookie based session id like every web app in existance these days and can be "stolen". To prevent this all requests are encrypted using standard SSL (not just login) so that only the server and device ever can see the token.
New customers to Big Spin are going to get entry to a welcome offer worth as much as} $1,000. The bonus is a massive 200% 카지노사이트 match of your first deposit of $45 or more. It comes with a low wagering requirement of 30x the combined bonus and deposit sum.
ReplyDelete