Skip to content

Use sessions instead of API keys for admin authentication #156

Open
Open
Use sessions instead of API keys for admin authentication#156
Labels
apiImprovement or changes to the APIauthAuthentication of usersimprovementImprovements to existing codesecurityEverything regarding security of the server
@Frewacom

Description

@Frewacom
Frewacom
opened on Jun 6, 2021

Using API keys for authentication is probably not our best option. It comes with a bunch of security implications and is harder to correctly and securely implement compared to sessions. Luckily, since we are using Adonis, this change is really simple to do. Tests will be a PITA, though.

Metadata

Metadata

Assignees

No one assigned

    Labels

    apiImprovement or changes to the APIauthAuthentication of usersimprovementImprovements to existing codesecurityEverything regarding security of the server

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions