Configuration: Service Module ‐ Authentication - ChrisMavrommatis/Binacle.Net GitHub Wiki

The Service Module in Binacle.Net uses stateless JWT tokens to allow authenticated users to bypass the rate limiter. These tokens are generated through the authentication endpoint and are valid for a specified duration.

To enable the Service Module to generate tokens, several settings must be configured.

Configuration Options

The JWT settings are defined in the JwtAuth.json file, structured as follows:

{
  "JwtAuth": {
    "Issuer": "https://localhost:7194",
    "Audience": "https://localhost:7194",
    "TokenSecret": "ThisIsAVerySecretKeyMeantToBeStoredSecurelyAndNotLikeThisSoPleaseChangeIt",
    "ExpirationInSeconds": 3600
  }
}

  1. Issuer: The URL that represents the entity that issued the token. It’s recommended to use your application’s base URL.
  2. Audience: The intended recipient of the token. This is usually the same URL as the issuer.
  3. TokenSecret: A secret key used to sign the JWT. Use a long, complex value, and replace the sample value shown above.
  4. ExpirationInSeconds: The duration for which the token is valid, specified in seconds. Adjust this value based on your application's needs; a common setting is 3600 seconds (1 hour).

Using Environment Variables

Instead of (or alongside) using the JwtAuth.json file, you can pass the settings as environment variables, which override file-based configurations.

Here are the corresponding environment variables:

JwtAuth__Issuer
JwtAuth__Audience
JwtAuth__ExpirationInSeconds
JwtAuth__TokenSecret

For example, you can set only the TokenSecret as an environment variable while keeping the rest of the configuration in JwtAuth.json:

JwtAuth__TokenSecret="ThisIsAVerySecretKeyMeantToBeStoredSecurelyAndNotLikeThisSoPleaseChangeIt"

Warning: Environment variables take precedence over settings defined in the JwtAuth.json file.

This allows you to manage sensitive information like the TokenSecret securely without hardcoding it into your configuration files.
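A pre-deployment check for the settings above, as an added example that is not part of Binacle.Net or this wiki: it merges the file with the JwtAuth__* variables (the environment wins) and flags the sample TokenSecret, a short secret, or a bad expiration. The 32-byte minimum assumes HMAC-SHA256 signing, which this page does not state, and the function names are hypothetical.

```python
import json

# Placeholder secret shown in this page's sample configuration.
DOC_PLACEHOLDER = "ThisIsAVerySecretKeyMeantToBeStoredSecurelyAndNotLikeThisSoPleaseChangeIt"
KEYS = ("Issuer", "Audience", "TokenSecret", "ExpirationInSeconds")
MIN_SECRET_BYTES = 32  # assumption: HMAC-SHA256 signing, so at least 256 bits of key


def effective_settings(file_text, environ):
    """Merge JwtAuth.json with JwtAuth__* variables; the environment wins."""
    merged = dict(json.loads(file_text).get("JwtAuth", {}))
    for key in KEYS:
        value = environ.get("JwtAuth__" + key)
        if value is not None:
            merged[key] = value
    return merged


def audit(settings):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    secret = str(settings.get("TokenSecret", ""))
    if secret == DOC_PLACEHOLDER:
        findings.append("TokenSecret is the documented placeholder")
    elif len(secret.encode("utf-8")) < MIN_SECRET_BYTES:
        findings.append("TokenSecret is shorter than %d bytes" % MIN_SECRET_BYTES)
    try:
        ttl = int(settings.get("ExpirationInSeconds", 0))
    except (TypeError, ValueError):
        ttl = 0  # non-numeric values are reported below
    if ttl <= 0:
        findings.append("ExpirationInSeconds is not a positive integer")
    for key in ("Issuer", "Audience"):
        if not settings.get(key):
            findings.append(key + " is empty")
    return findings


# Constructed sample input: the file as shown on this page, plus one override.
SAMPLE_FILE = json.dumps({"JwtAuth": {
    "Issuer": "https://localhost:7194", "Audience": "https://localhost:7194",
    "TokenSecret": DOC_PLACEHOLDER, "ExpirationInSeconds": 3600}})
SAMPLE_ENV = {"JwtAuth__TokenSecret": "constructed-sample-value-0123456789abcdef"}

if __name__ == "__main__":
    print(audit(effective_settings(SAMPLE_FILE, {})))          # file only
    print(audit(effective_settings(SAMPLE_FILE, SAMPLE_ENV)))  # with override
```

In a real deployment, pass the contents of JwtAuth.json and `os.environ` in place of the constructed samples.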