mercredi 26 avril 2017

Laravel Passport token length

Using passport for api authentication for a mobile app. The app devs were quick to complain about the size of the access_token provided (1071 characters) and having to pass it in each request.

On investigation the bulk of the token is the signature portion. By default passport is generating a 4096bit rsa key. I found i can reduce the token size to 559 characters by generating a 1024bit key instead. Better, but still much larger than keys generated by other services like Facebook.

I can not find much info on the subject, Is it a moot point? Is 1KB token nothing to complain about? Is reducing the key size a bad idea? Anything else that can be done to reduce the size?



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire