
Authentication

How authentication works in Thamizhi using Cloudflare Turnstile and JWT tokens.

| Method | Purpose |
| --- | --- |
| Cloudflare Turnstile | Bot detection (no captcha) |
| Phone OTP | User verification |
| JWT tokens | Session management |
| API keys | Programmatic access |

```mermaid
graph LR
    A[User] -->|Submit via app| B[Turnstile Check]
    B -->|Pass| C[Create/Verify User]
    C -->|Phone OTP| D[Verify]
    D -->|Success| E[JWT Token]
    E -->|Signed requests| F[API]
```

Cloudflare Turnstile replaces CAPTCHA — invisible, no user interaction needed.

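```javascript
// Frontend widget: render() returns a widget ID, and the token is
// delivered to the callback once the challenge passes
turnstile.render('#widget', {
  sitekey: '0x4AAAA...',
  callback: (token) => { /* send token to the backend with the request */ },
});

// Backend verification
const result = await fetch(
  'https://challenges.cloudflare.com/turnstile/v0/siteverify',
  {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      secret: TURNSTILE_SECRET,
      response: token,
    }),
  }
);
// Proceed only when Cloudflare reports the token as valid
const { success } = await result.json();
if (!success) throw new Error('Turnstile verification failed');
```
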
```typescript
interface JWTPayload {
  user_id: string;
  role: 'user' | 'reviewer' | 'expert' | 'admin';
  trust_score: number;
  iat: number;
  exp: number;
}
// Token expires in 7 days
// Signed with a secret stored in Cloudflare Workers env
```