| From: | Eugen Stan <eu(at)ieugen(dot)ro> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | support for JSON Web Token |
| Date: | 2019-03-03 00:08:51 |
| Message-ID: | 18dad209-9b79-3291-ce94-73e1e6609bf3@ieugen.ro |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
I would like to advocate forJSON web token support in PostgreSQL.
JWT tokens are used in a lot of web applications and I think there are
some very nice use cases for passing the token down to PostgreSQL.
Some of the first thing that comes to mind is pairing it with row level
security to implement authorization policies and data access directly in DB.
I've did a bit of research and I found some prior work in [pgjwt] and
[postgres-jwt-prototype] .
It seems to be pretty easy to support since most of the work is done:
PostgreSQL has crypto support via pgcrypto and has native JSON handling
functions.
JWT is a widely used technology, especially in web applications.
This is why I think PostgreSQL should adopt a JWT extension in contrib.
I believe PostgreSQL will benefit, especially in the web apps use.
What do you think?
What would it take for a JWT extension to be added to postgresql contrib
or the official postgresql extensions ?
Thanks,
Eugen
[pgjwt] https://github.com/michelp/pgjwt
[postgres-jwt-prototype] https://github.com/larsar/postgres-jwt-prototype
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stuart McGraw | 2019-03-03 04:11:16 | regex DoS in postgresql? |
| Previous Message | Steven Lembark | 2019-03-02 22:50:07 | Re: Where **not** to use PostgreSQL? |