Comments (2)
It looks like this is a bit tricky with Actix-web.
One of the disadvantages of Hawk is that it requires the cleartext secret on the server. So it's basically bearer authentication, with signing of request, response, and payloads.
Other options, that might be just as good:
- Simple bearer auth with an API key. Yeah, there's no signing, but assuming that TLS is not compromised, there's nothing that an attacker without the API key could forge.
- Maybe just use simple client IDs with nothing further -- these are already opaque values and have enough bits to be unguessable. They're currently in the URL, but we could move that to a request header pretty easily. As an example, Mullvad VPN does something like this, with an opaque "account number" and no further information.
from taskchampion.
I think the second idea is the right one. If someone wants to run a "commercial" server or whatever, they can establish a separate mapping from client ID to customer. So, it's basically an API key. I will:
- rename it to client_key
- remove it from the URL
from taskchampion.