Serverside stuff. Mostly shuffling things around

2024-10-26 11:42:51 +02:00 · 2024-10-26 11:42:51 +02:00 · be70109c43
commit be70109c43
parent 90667d96c7
20 changed files with 513 additions and 71 deletions
--- a/authentication-flow.md
+++ b/authentication-flow.md
@ -17,8 +17,8 @@
 3. Get webauthn options from response
 4. Get passkey response
 5. Send response to Server
-6. Server checks and replies with session token
-7. Frontend uses session token for authorisation of all requests afterwards
+6. Server checks and gives ok or fail.
+   Ok also sets a server only cookie with an access token

 ## api