typo

Tobias Mühl 2021-04-23 19:37:58 +07:00
parent ddd06d6f4d
commit d788d3e271

@ -47,7 +47,7 @@ To enable JWT-based access control,
## How JWT-based access control works ## How JWT-based access control works
* To upload a new file, when requesting a new fileId via `http://<master>:<port>/dir/assign`, the master will use the `jwt.signing.key` to generate and sign a JWT, and set it to response header `Authorization`. The JWT is valid for 10 seconds. * To upload a new file, when requesting a new fileId via `http://<master>:<port>/dir/assign`, the master will use the `jwt.signing.key` to generate and sign a JWT, and set it to response header `Authorization`. The JWT is valid for 10 seconds.
* To update or delete a file by fileId, the JWT can be read from the response header `Authorization` of `http://<master>:<port>/dir/lookup?fileId=xxxxx`. * To update or delete a file by fileId, the JWT can be read from the response header `Authorization` of `http://<master>:<port>/dir/lookup?fileId=xxxxx`.
* When sending upload/update/delete HTTP operations to a volume server, the reqeust header `Authorization` should be the JWT string. The operation is authorized after the volume server validates the JWT with `jwt.signing.key`. * When sending upload/update/delete HTTP operations to a volume server, the request header `Authorization` should be the JWT string. The operation is authorized after the volume server validates the JWT with `jwt.signing.key`.
JWT Summary: JWT Summary:
* JWT is set in `/dir/assign` or `/dir/lookup` response header `Authorization` * JWT is set in `/dir/assign` or `/dir/lookup` response header `Authorization`