Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve domain sever APIs. #30

Open
namark opened this issue Sep 29, 2022 · 0 comments
Open

Improve domain sever APIs. #30

namark opened this issue Sep 29, 2022 · 0 comments
Labels
enhancement New feature or request question Further information is requested

Comments

@namark
Copy link

namark commented Sep 29, 2022

I've implemented a domain access token authentication strategy and made a account and domain public key reading APIs public for compatibility with current domain server implementation. Might need to revisit this in the future as there are some things that I'm not sure about:

  1. The domain access token has a expiration date, which is currently unused, since It's unclear what should happen then.
  2. Using the access token gives access to specific APIs as the user that generated the token, with all relevant permissions. Might need to reconsider the APIs exposed this way and/or revoke some permissions.
  3. The account public key API also returns the account username and id, which I'm not sure is ok to be public.
@namark namark added enhancement New feature or request question Further information is requested labels Oct 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@namark