You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the service provider gives out authentication tokens to everyone. If you forgot yours - it just gives you back what you should have had (so anyone could learn your token this way);
The request would need some signature to ensure that the provider is talking with the right client.
The text was updated successfully, but these errors were encountered:
jstuczyn
changed the title
More secured auth token
More secured auth token - some signature on request
Dec 18, 2019
Right now in the code, we allow a particular client to register only once, so we avoid this isse partially. Anyway, we can implement a signature schema, just to allow people get there authentication token again if they forget.
Currently the service provider gives out authentication tokens to everyone. If you forgot yours - it just gives you back what you should have had (so anyone could learn your token this way);
The request would need some signature to ensure that the provider is talking with the right client.
The text was updated successfully, but these errors were encountered: