- authentication
  - "who are you?"
  - password hashing with argon2
  - JWT (15 min access) with refresh (30 days)
  - identity dependencies (current_user_claims, optional_user, get_current_user_id, oauth2_scheme)
  - room for growth: OAuth/SSO, API-tokens for third-party apps, 2FA, refresh-token rotation, impersonation
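
A sketch of the 15-minute access / 30-day refresh split listed above, added here as an illustration and not taken from the project's code. It assumes HS256 signing built from the standard library and a `type` claim to keep the two token kinds apart; `issue`, `verify`, `refresh` and the key are hypothetical names and values.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

TTL = {"access": 15 * 60, "refresh": 30 * 24 * 3600}  # lifetimes from the notes
SECRET = b"constructed-demo-key"  # assumption: shared HS256 key, demo value only
HEADER = {"alg": "HS256", "typ": "JWT"}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(user_id: str, kind: str, now: Optional[int] = None) -> str:
    """Return a signed token; kind is "access" or "refresh"."""
    now = int(time.time()) if now is None else now
    ttl = TTL[kind]  # KeyError on an unknown kind
    claims = {"sub": user_id, "type": kind, "iat": now, "exp": now + ttl}
    header = _b64(json.dumps(HEADER).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def verify(token: str, expected_kind: str, now: Optional[int] = None) -> dict:
    """Return the claims, or raise ValueError if any check fails."""
    now = int(time.time()) if now is None else now
    try:
        header, body, sig = token.split(".")
        good = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, _unb64(sig)):
            raise ValueError("bad signature")
        if json.loads(_unb64(header)).get("alg") != "HS256":
            raise ValueError("unexpected alg")  # never trust the header's choice
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError) as exc:  # covers base64 and JSON errors too
        raise ValueError(f"invalid token: {exc}") from None
    if claims.get("type") != expected_kind:
        raise ValueError("wrong token type")  # a refresh token is not an access token
    if now >= claims["exp"]:
        raise ValueError("expired")
    return claims

def refresh(refresh_token: str, now: Optional[int] = None) -> str:
    """Exchange a valid refresh token for a new 15-minute access token."""
    claims = verify(refresh_token, "refresh", now)
    return issue(claims["sub"], "access", now)
```

The refresh token here stays valid for its full 30 days after each use; the refresh-token rotation listed under room for growth would replace it on every exchange.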