mleku @mleku - 10d
#realy #devstr #progressreport https://github.com/mleku/realy/blob/dev/httpauth/98.adoc note the new section just before the Request Flow, Expiration Variant this describes what it is the code has been modified to allow this form of HTTP auth token and there is now a tool at https://github.com/mleku/realy/blob/dev/cmd/nauth/main.go which will generate a token that can be given a specific expiry time and used on multiple paths of a realy this allows me to make more use of the openapi documentation interface the JWT flow was just so clunky in comparison, and replicates so much of the entire principle of nostr events, which are in themselves a form of attestation just like a JWT. for most use cases, you want to follow the existing NIP-98 standard, assuming your client has this integrated, but for cases where you need to use http endpoints with tools that don't integrate nicely, you can make a typical style bearer token that is valid for longer
haha, whoops, the URL check was missing a return after the error is assigned, now fixed in v1.13.2
