Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
If a link-generating callable is given an argument like
If an incoming link has the session-granting request argument, it should, for that request only, act as if the user is the one specified in the argument.
tl;dr use macaroons
Would make it much easier to make friends-only feeds, and could conceivably also be a bridge to add friends-only WebSub.
macaroons are pretty heavyweight (and large!) for this. So, I'm thinking that it would make more sense to just HMAC-sign after all.
It should be fairly straightforward to just use itsdangerous to handle the signing and verification; generating an authorized link would be something like:
Tricky bit is figuring out if the URL is signed, and getting Flask to re-parse the URL after verifying the signature, which might actually require setting a new request object in the context or something. (There's no way to guarantee that the
Alternately: generate the URL without the
for the signing side of things, maybe do
and then use
the number of places where
But no matter how good the implementation, the risk of a private feed leaking is way too high. Sharing a non-private entry in a preauthorized atom feed will also share the feed, regardless if user behavior or intent.
This is not a reasonable path forward. Shared cookie jars are the short term solution and AutoAuth is the path forward.