Details
-
Task
-
Resolution: Done
-
P1: Critical
-
None
-
None
-
None
Description
How this should actually work:
- On successful login
- Generate a LOGIN token
- Delete any existing LOGIN token
- Send this login token as the payload to user
- Store this login token + Qt account ID in the local storage
- For every subsequent request made to /qtcloud/users API name space should do:
- Authenticate via the LOGIN token
- Make sure that the LOGIN token belongs to the username