Maxim Panfilov viatoriche

Про токены, JSON Web Tokens (JWT), аутентификацию и авторизацию. Token-Based Authentication

Last major update: 25.08.2020

	''' A model field to store and retrieve Google Protocol Buffer objects easily.

	Uses the BlobField available on GAE for storage.

	Usage:

	myfield = ProtobufField(protoclass=MyProtocolClass)

	where MyProtocolClass is a protocol descriptor class generated from a .proto file.
	The field is supposed to store only the given kind of protocol messages.

	Okay so here's the setup:

	[-] The primary server API is exposed via Flask (Python) and all static files, including all html, css, js is served by nginx.
	[-] Python is exposing an API at url http://domain.com/api/download/<file_id>, where file_id is a database id for the file that we're interested in downloading.

	1. User wants to download a file, so we spawn a new window with the url '/api/download/<file_id>'
	2. Nginx intercepts the request, sees that it starts with /api/, and then forwards the request to Flask, which is being served on port 5000.
	3. Flask routes the request to its download method, retrieves the pertinent data from the file_id, and constructs additional header settings to make nginx happy and to force the browser to see the file stream as a download request instead of the browser just trying to open the file in a new window. Flask then returns the modified header stream to nginx
	4. Nginx is finally ready to do some work. While parsing the headers for the incoming request, it encounters "X