add API endpoints to generate and read user tokens

Jaime Nuche requested to merge T364566 into main

New endpoints can be used to generate a new user token or retrieve details about tokens. A separate global admin token is reserved. Access to the token endpoints is limited to the admin token.

The algorithm used for the cryptographic hashing function is Argon2id. I used the following criteria to decide its configuration parameters:

  • I assumed a minimum of 4 physical cores for any Catalyst deployment when setting the Parallelism parameter.

  • We don't have plans to use sessions for the time being, which means the hashing function will be called for a majority of the API calls. To reduce the impact of this fact, I gave the memory used in each pass a modest 8MB in MemoryInKb.

  • To compensate for the low memory per pass, I increased the number of sequential passes by setting Iterations to a high 20. The impact on the requests processing time seemed small enough even on my local development laptop.

Also piggybacked a few small refactors/improvements.

Bug: T364566

Edited by Jaime Nuche
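
An added example, not code from this merge request or from the Catalyst project: issuing a token, storing only its Argon2id hash at the parameters described above, and measuring what one verification costs per request. It uses the Python argon2-cffi package, assumes "8MB" means 8192 KiB, and all function names are hypothetical.

```python
import secrets
import time

from argon2 import PasswordHasher, Type, extract_parameters
from argon2.exceptions import VerifyMismatchError

# Parameters named in the description above. "8MB" is taken as 8192 KiB
# (assumption: the description does not give the exact number).
HASHER = PasswordHasher(
    time_cost=20,      # Iterations
    memory_cost=8192,  # MemoryInKb
    parallelism=4,     # Parallelism
    type=Type.ID,      # Argon2id
)


def issue_token():
    """Return (plaintext token, encoded hash); only the hash is stored."""
    token = secrets.token_urlsafe(32)  # 32 random bytes from the OS CSPRNG
    return token, HASHER.hash(token)


def verify_token(stored_hash, presented):
    """True if the presented token matches the stored Argon2id hash."""
    try:
        return HASHER.verify(stored_hash, presented)
    except VerifyMismatchError:
        return False


def stored_parameters(stored_hash):
    """Read the cost parameters back out of the encoded hash string."""
    p = extract_parameters(stored_hash)
    return (p.type.name, p.memory_cost, p.time_cost, p.parallelism)


def verify_seconds(stored_hash, token, rounds=3):
    """Best-of-N wall time of one verification, the per-request cost."""
    best = float("inf")
    for _ in range(rounds):
        start = time.perf_counter()
        verify_token(stored_hash, token)
        best = min(best, time.perf_counter() - start)
    return best


if __name__ == "__main__":
    token, stored = issue_token()
    print(stored_parameters(stored), verify_token(stored, token))
    print(f"one verification: {verify_seconds(stored, token) * 1000:.1f} ms")
```

Because the encoded hash carries its own parameters, `HASHER.check_needs_rehash(stored_hash)` can flag stored hashes that predate a later parameter change.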