One time token
Grants permission (read, write, delete) for a single asset. The token is valid only for the period of time specified during signing.
Obtaining
A one-time token can be obtained through the Signer:
    import { Signer, PayloadRead } from '@farbor/signer';
    import { secret } from '@pallad/secret';
    import { AssetRef } from '@farbor/core';
    import { Duration } from 'luxon';

    const signer = Signer.forCredentials({
        keyId: 'your-key-id',
        keySecret: secret('your-key-secret')
    });

    // Sign a token that allows reading exactly one asset for 10 minutes.
    const token = await signer.signOneTimeToken(
        new PayloadRead(
            new AssetRef({
                collection: 'image',
                key: 'image.png'
            })
        ),
        {
            // luxon builds a Duration from a plain object with Duration.fromObject
            expiresIn: Duration.fromObject({ minutes: 10 })
        }
    );
Sending token
Via query params
// TODO
Via Authorization header
// sending through Authorization header
Use cases
The main audience for one-time tokens is anonymous users who come to your website or app. You don't know who they are, so you want strict control over what they can do with your assets.
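To make the "strict control" concrete, here is an added sketch (not code from this project, and not the real token format) of the checks a verifier has to make for such a token: integrity, expiry, one action, one asset. The HMAC layout, the `issue` and `authorize` helpers, the demo secret and the single-use rule inferred from the token's name are all assumptions.

```javascript
// Added illustration only: this is NOT the @farbor/signer token format or API.
const { createHmac, randomUUID, timingSafeEqual } = require('node:crypto');

const DEMO_SECRET = 'constructed-demo-secret'; // constructed sample value
// Assumption: a token may be used once. A real service needs a shared store with a TTL.
const usedTokenIds = new Set();

const mac = (body) => createHmac('sha256', DEMO_SECRET).update(body).digest('base64url');

// Issue a token bound to one action on one asset, expiring ttlMs after `now`.
function issue(action, collection, key, ttlMs, now = Date.now()) {
  const claims = { action, collection, key, exp: now + ttlMs, id: randomUUID() };
  const body = Buffer.from(JSON.stringify(claims)).toString('base64url');
  return `${body}.${mac(body)}`;
}

// Return 'ok', or the reason the request is refused.
function authorize(token, action, collection, key, now = Date.now()) {
  const [body, sig, extra] = String(token).split('.');
  if (!body || !sig || extra !== undefined) return 'malformed';
  const given = Buffer.from(sig);
  const expected = Buffer.from(mac(body));
  // Verify integrity before trusting any claim; compare in constant time.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return 'bad-signature';
  }
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  if (now >= claims.exp) return 'expired';
  if (claims.action !== action) return 'wrong-action';
  if (claims.collection !== collection || claims.key !== key) return 'wrong-asset';
  if (usedTokenIds.has(claims.id)) return 'already-used';
  usedTokenIds.add(claims.id); // consume only on a successful, in-scope request
  return 'ok';
}
```

A read token for `image/image.png` is refused for delete, for any other key, after expiry, when altered, and on a second use.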