- All requests from the Online Office subsystem should contain a token in the header, which is written in the configuration of this subsystem during the installation.
- Initially, token is generated by an ansible script and it is stored in the database in the group of settings tables: 'setting' and 'setting_value'.
- Getting a token from the settings tables is carried out in the admin part. The token is displayed on the screen. After that, it manually recorded in the settings of Online Office.
- Checking the user existence and the correctness of the password at the time of its authorization in Online Office is carried out by the method user / check-auth.
The user token is not created at this time. This method is needed only to verify the login / password and for nothing more.