rkgk/crates
liquidex be6a47ae13 user authentication through a secret token (NOT AUDITED FOR SECURITY. DO NOT RELY ON THIS CODE.)
it's probably okay, but it's incredibly easy to read localStorage from the frontend and get a hold of the secret
would be nice (would it?) to have more proper session tokens I guess but we're not doing that right now

I'm not entirely sure if generating the password on the server is legit like this, but it leads to an incredibly frictionless experience and I'd like to keep it. if possible.
I don't really see a difference compared to password managers generating passwords for you and showing them in plaintext
obviously actual passwords are stored within the manager which requires a master password, but like. do we really need that. the secret isn't shown to the user and it's very long.
too bad the browser secure storage API or whatever isn't ready yet
2024-08-23 19:50:42 +02:00
..
haku add SourceCode wrapping str for enforcing source code length limits at parsing boundaries 2024-08-22 20:49:16 +02:00
haku-cli add SourceCode wrapping str for enforcing source code length limits at parsing boundaries 2024-08-22 20:49:16 +02:00
haku-wasm user authentication through a secret token (NOT AUDITED FOR SECURITY. DO NOT RELY ON THIS CODE.) 2024-08-23 19:50:42 +02:00
rkgk user authentication through a secret token (NOT AUDITED FOR SECURITY. DO NOT RELY ON THIS CODE.) 2024-08-23 19:50:42 +02:00
rkgk-image-ops sync 2024-08-17 22:16:21 +02:00