Skip to content

Gracefully transition from old secret to new secret key #2

New issue
New issue
Open
Open
Gracefully transition from old secret to new secret key#2
Labels
first-timers-onlyThis issue is suitable for first timers. However, can be picked by any contributorsgood first issueGood for newcomershelp wantedExtra attention is needed
@amitguptagwl

Description

@amitguptagwl
amitguptagwl
opened on Oct 5, 2018

A user may not want to use the same secret to encrypt/decrypt the session-id. But if he/she changes the secret, it'll invalidate all the previously encrypted session-ids. So we want to introduce an option "transition"

{
  transition: {
     duration: 3600, //in seconds
     secret: "some complex secret"
  }
}

When this property is present, all the previous sessions will be renewed using the new secret And all the new sessions will be created using the new secret. Next time when the user wants to update the key, he needs to copy new key to the old key and very new key to transition.secret.

Metadata

Metadata

Assignees

No one assigned

    Labels

    first-timers-onlyThis issue is suitable for first timers. However, can be picked by any contributorsgood first issueGood for newcomershelp wantedExtra attention is needed

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions