No description

Find a file

Dominik Korsa 709934b021 Remove debug timeout		2021-02-13 18:25:45 +01:00
.idea	Implement /api/website/deny	2021-01-18 21:05:04 +01:00
backend	Implement modifying app info	2021-02-13 18:23:19 +01:00
website	Remove debug timeout	2021-02-13 18:25:45 +01:00
.gitignore	Create /api/oauth/authorize route	2021-01-16 23:15:20 +01:00
LICENSE	Create LICENSE	2021-01-16 23:18:35 +01:00
README.en.md	Create README.en.md	2021-02-09 15:28:03 +01:00
README.md	Update README.md	2021-02-09 15:03:12 +01:00

README.en.md

Polska wersja README

Wulkanowy Bridge

What is Wulkanowy Bridge?

Wulkanowy Bridge is a service, which allows apps to access data from VULCAN UONET+ using a well-documented API.

Project features

Uses wulkanowy/sdk-node
Implements OAuth2.0 protocol
API uses GraphQL and supports schema introspection
Apps (clients) don't have access to user's login and password
We encrypt data stored in our database, to limit the scope of an attack
Apps specify the access scope and user is informed about it

To reduce the consequences of unauthorised access to our server or database, login and session information is encrypted in the database. The key needed to decrypt the information is in the access token generated for an app, so accessing the database doesn't, by itself, allow to decrypt the information. Wulkanowy Bridge ma możliwość odszyfrowania tych informacji wyłącznie podczas zapytania przez aplikację (przy każdym zapytaniu wysyłany jest token) Wulkanowy Bridge can decrypt the information only when a request is made by an app (the access token is sent with every request)

README.en.md

Wulkanowy Bridge

What is Wulkanowy Bridge?

Project features

How does Wulkanowy Bridge protect login info of users?