prosody-modules
ce755c661036
mod_sasl2_fast/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_sasl2_fast/README.md @ 6139:ce755c661036

mod_sasl2: revert changes that should not have been committed
author tmolitor <thilo@eightysoft.de>
date Sun, 05 Jan 2025 18:01:47 +0100
parent 6107:bc7acb8e627e
line wrap: on
line source

---
labels:
- Stage-Beta
summary: "Fast Authentication Streamlining Tokens"
rockspec:
  dependencies:
  - mod_sasl2
---

This module implements a mechanism described in [XEP-0484: Fast Authentication Streamlining Tokens] via which clients can exchange a
password for a secure token, improving security and streamlining future reconnections.

This module depends on [mod_sasl2].

## Configuration

| Name                      | Description                                            | Default               |
|---------------------------|--------------------------------------------------------|-----------------------|
| sasl2_fast_token_ttl      | Default token expiry (seconds)                         | 86400*21 (21 days)  |
| sasl2_fast_token_min_ttl  | Time before tokens are eligible for rotation (seconds) | 86400 (1 day)       |

The `sasl2_fast_token_ttl` option determines the length of time a client can
remain disconnected before being "logged out" and needing to authenticate with
a password. Clients must perform at least one FAST authentication within this
period to remain active.

The `sasl2_fast_token_min_ttl` option defines how long before a token will be
rotated by the server. By default a token is rotated if it is older than 24
hours. This value should be less than `sasl2_fast_token_ttl` to prevent
clients being logged out unexpectedly.

# Compatibility

  Prosody-Version Status
  --------------- ----------------------
  trunk           Works as of 2024-12-21
  0.12            Does not work