Add a separate login secret #20

New issue

Closed

opened 2024-08-18 13:39:32 +02:00 by liquidev · 1 comment

liquidev commented 2024-08-18 13:39:32 +02:00 (Migrated from github.com)

Copy link

This would be in addition to user IDs - currently the user ID is the secret, but this effectively disallows any publishing of the user ID, which could be useful for e.g. exporting walls with full metadata. A wall would contain rows informing who created the wall and who modified it, but this can't be done with mere session IDs.

This would be in addition to user IDs - currently the user ID _is_ the secret, but this effectively disallows any publishing of the user ID, which could be useful for e.g. exporting walls with full metadata. A wall would contain rows informing who created the wall and who modified it, but this can't be done with mere session IDs.

liquidev commented 2024-08-23 19:53:34 +02:00 (Migrated from github.com)

Copy link

NOTE: Implementation not audited, probably full of security holes, but it's better than nothing. Now user IDs can be publicised, which was the whole point of this in the first place.

NOTE: Implementation not audited, probably full of security holes, but it's better than nothing. Now user IDs can be publicised, which was the whole point of this in the first place.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

No results found.

Labels

Clear labels   

bug

something's broken

  

c:haku

crate: haku

  

c:rkgk backend

crate: rkgk (backend portion)

  

c:rkgk frontend

crate: rkgk (frontend portion)

No labels

bug

c:haku

c:rkgk backend

c:rkgk frontend

Milestone

Clear milestone

No items

No milestone

prototype

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: liquidex/rkgk#20

No description provided.