2 releases
0.0.2 | Sep 4, 2023 |
---|---|
0.0.1 | Aug 18, 2023 |
#1318 in Development tools
65KB
1.5K
SLoC
Passdata
Passdata
is authentication and authorization data expressed in a logic
programming language. Data should fit within the limits of a HTTP cookie or
header. The language is limited in order to guarantee execution characteristics
during execution.
Applications and services which accept Passdata
are intended to be usable
without the need to contact a centralized service for every operation.
The library is experimental and is not intended for production usage.
Alternatives
There are many alternatives which are considered production ready. It is strongly recommended to look into these alternatives.
- HTTP sessions
- JSON Web Tokens (JWT)
- Pasteo
- Macroons
- Biscuit
Differences from Alternatives
Compared to traditional HTTP sessions, Passdata
does not require a server side
persistence data store. More computation is done in the application code to
process Passdata
, but the tradeoff may be desirable in situations where compute
is cheap but the cost in persisting and retrieving from storage is high.
JSON Web Tokens and Pasteo are primarily used with a limited set of predefined
data fields. Passdata
allows arbitrary data.
Passdata
is not focused on token attenutation unlike Macaroons and Biscuits.
Passdata
is most similar to Biscuits which has its own logic programming
language. However, Passdata
has a more limited logic programming language in
order to provide better guarantees on possible resource usage.
License
Licensed under either of Apache License, Version 2.0 or MIT License at your option.
Contributions
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Dependencies
~290KB