From 10794e59c7197e8e1fb2ce23eb375f30095196db Mon Sep 17 00:00:00 2001 From: Valentin Popov Date: Fri, 15 Dec 2017 09:56:14 +0400 Subject: The file 'README.md' was updated --- README.md | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 614fe5d..6055e23 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,29 @@ -# Authorization by tokens +# Authorization by token's -User authorization module. +Token-based authentication (also known as +[JSON Web Token authentication](https://jwt.io/)) +is a new way of handling authentication of users in applications. +It is an alternative to +[session-based authentication](https://security.stackexchange.com/questions/81756/). -**The plugin is in active development.** +The most notable difference between the session-based and token-based authentication is that former relies heavily on the server. +A record is created for each logged-in user. + +Token-based authentication is stateless - it does not store anything on the server but creates a unique encoded token that gets checked every time a request is made. + +Unlike session-based authentication, a token approach would not associate a user with login information but with a unique token that is used to carry client-host transactions. +Many applications, including Facebook, Google, and GitHub, use the token-based approach. + +## Requirements + +* **PHP**: 5.6.32+; +* **Moodle**: 3.2+; +* **Plug-in**: [tool_managertokens](https://github.com/valentineus/moodle-tool_managertokens); + +## Documentation + +* [Install the plugin](docs/getting-started.md); +* [User's Manual](docs/getting-started.md); ## License -- cgit v1.2.3