You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To give some protection against someone spamming a router implementation it would be nice if there was a way of providing and revoking tokens that can be used in router query strings
User asks mmbot mmbot create api token for teamcity announcements
mmbot creates a token, adds it to the brain
User writes script with router implementation that starts with
robot.Router.Post("/mmbot/chatsecrets/{room}", context => {
context.ValidateApiToken("teamcity announcements");
var room = req.Params()["room"]
var data = context.ReadBodyAsJson()
var secret = data["secret"].ToString();
robot.Speak(room, "I have a secret: " + secret);
});
If the token is compromised the user can simply mmbot revoke api token teamcity announcements
The commands can be restricted to admins.
Thoughts?
The text was updated successfully, but these errors were encountered:
To give some protection against someone spamming a router implementation it would be nice if there was a way of providing and revoking tokens that can be used in router query strings
mmbot create api token for teamcity announcementsmmbot revoke api token teamcity announcementsThe commands can be restricted to admins.
Thoughts?
The text was updated successfully, but these errors were encountered: