Browse Source

add some notes about future improvements for auth..

main
John-Mark Gurney 4 years ago
parent
commit
9e2e993c80
1 changed files with 10 additions and 0 deletions
  1. +10
    -0
      NOTES.md

+ 10
- 0
NOTES.md View File

@@ -3,6 +3,16 @@ Issues to address

If app crashes, won't sync w/ board status in database.

Authentication. Likely should attach an expiration policy to access
tokens generated by an ssh key. This way an ssh key can be passwordless
for automation, and the cli could do:
bitelab auth; bitelab reserve board; <dothings>; bitelab release board; bitelab revoke

where auth fetches an access token via ssh, and revoke, revokes the token
as it is no longer needed. This either allows a "one time" access token where
the user can provide a passphrase to get the token at auth time, or limited
valid time access tokens such that if they were leaked, they would quickly
expire.

CONNECT proxy
=============


Loading…
Cancel
Save