Class LoginServiceGrpc.LoginServiceImplBase
java.lang.Object
com.soulfiremc.grpc.generated.LoginServiceGrpc.LoginServiceImplBase
- All Implemented Interfaces:
LoginServiceGrpc.AsyncService, io.grpc.BindableService
- Direct Known Subclasses:
LoginServiceImpl
- Enclosing class:
LoginServiceGrpc
public abstract static class LoginServiceGrpc.LoginServiceImplBase
extends Object
implements io.grpc.BindableService, LoginServiceGrpc.AsyncService
Base class for the server implementation of the service LoginService.
Service for authenticating users via email-based passwordless login. Authentication Flow: 1. Client calls Login with the user's email address 2. If the email is registered, a six-digit code is sent to that email 3. Client receives an auth_flow_token and EmailCode response 4. User enters the code from their email 5. Client calls EmailCode with the auth_flow_token and the code 6. If valid, client receives a JWT token; if invalid, receives a Failure Security Features: - Rate limited to 20 requests per 10 minutes per origin to prevent brute force attacks - Auth flow tokens expire after 15 minutes - Same response for registered and unregistered emails to prevent email enumeration - Invalid codes return the same error as expired/invalid flow tokens to prevent timing attacks Error Handling: - RESOURCE_EXHAUSTED: Rate limit exceeded (too many login attempts) - UNAUTHENTICATED: No origin header provided (required for rate limiting) - INTERNAL: Unexpected server error during processing
-
Constructor Details
-
LoginServiceImplBase
public LoginServiceImplBase()
-
-
Method Details
-
bindService
public final io.grpc.ServerServiceDefinition bindService()- Specified by:
bindServicein interfaceio.grpc.BindableService
-