Rework API key creation #456

Closed
opened 2024-12-23 13:17:18 +01:00 by mpeltriaux · 1 comment
Owner

Status quo

A user can create an API key on his/her konova settings menu. Currently the user could change the API key from a generated one to a manually edited on the frontend. In fact we do not want that to happen, since it could weaken the key.

Considerations

However

  1. A key is not automatically ready to use, since it (the key request in general) needs to be approved by an admin, who is informed automatically via mail
  2. Instead of changing the frontend, we could simply enhance the form validation on the backend, where we expect a key to match certain criteria. This way, we could ensure the key to be valid, even if the user would wobble around in the HTML to make the form field editable
# Status quo A user can create an API key on his/her konova settings menu. Currently the user **could** change the API key from a generated one to a manually edited on the frontend. In fact we do not want that to happen, since it could weaken the key. # Considerations However 1. A key is not automatically ready to use, since it (the key request in general) needs to be approved by an admin, who is informed automatically via mail 1. Instead of changing the frontend, we could simply enhance the form validation on the backend, where we expect a key to match certain criteria. This way, we could ensure the key to be valid, even if the user would wobble around in the HTML to make the form field editable
mpeltriaux added the
enhancement
label 2024-12-23 13:17:18 +01:00
mpeltriaux self-assigned this 2024-12-23 13:17:18 +01:00
Author
Owner

Merged in

Merged in #462
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: IT-Naturschutz/konova#456
No description provided.