The priest promises to keep it safe, passing his knowledge on to his successors until they return. They leave the priest with a single bronzed key, which is to be used to open the secret room in the temple for arrangement of the weapon. Knowing that the weapon was designed to defeat a dark entity known as the Great Evil every 5,000 years, the aliens - the Mondoshawan - promise the temple's current human priest that they would return the weapon's components to Earth before the Great Evil arrived three centuries later. ResponseWriter, r *http.In 1914, a race of mechanoid aliens arrive at an ancient Egyptian temple to collect the four elemental stones and a bronze sarcophagus containing the body of the Fifth element in human form. "fmt" "log" "net/http" "/namsral/multipass" "/namsral/multipass/services/email"įunc appHandler( w http. The user handle which was used to authenticate the user is passed down to the protected web services as a HTTP header: Multipass piggybacks on the Caddy web server which comes with automatic HTTPS using Let's Encrypt and many more features and plugins. This ensures signatures still validate after Multipass reloads during a configuration reload.
When no private key is set, the MULTIPASS_RSA_PRIVATE_KEY environment variable is empty, a RSA key pair is randomly generated and stored in the environment. You can set your own private RSA key in the MULTIPASS_RSA_PRIVATE_KEY environment variable make sure to PEM encode the private key. These access tokens and other signatures can be verified by others using the public key made available at the url /pub.cer when Multipass is running. The tokens are embedded in login links which are sent to user.Ī RSA key pair is used to sign user access tokens. User follows the login link and is granted access the protected resourceĪccess tokens are signed JSON Web Tokens with specific claims like user handle and expire date.An user access token is sent to user in the form of a login link.
When the user follows the login link the access token is stored in the browser session and used to authenticate the user on successive requests. Multipass works by sending the user a login link with an embedded access token. In the following example, the service running on localhost:2016 is proxied and protected to allow only users with handles and to access the /fhloston and /paradise resources.
LEELOO MULTIPASS PASSWORD
smtp_pass: Mailserver password used for authentication.smtp_user: Mailserver username used for authentication.smtp_addr: Mailserver address used for sending login links.expires: The time duration after which the token expires.basepath: path to the log-in and sign-out page.handles: the handles which identify the users accepts wildcards like and Required.resources: path of resources to protect.