github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/1858#issuecomment-1292709818 | https://api.github.com/repos/simonw/datasette/issues/1858 | 1292709818 | IC_kwDOBm6k_c5NDS-6 | 9599 | 2022-10-26T22:07:04Z | 2022-10-26T22:07:04Z | OWNER | New token design: ```json { "a": "actor-id", "t": "creation timestamp as integer", "d": "intended duration in seconds, or blank if no duration set" } ``` This is in place of the `"e": "expiry timestamp"` design I've built so far. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } | 1423364990 | |
https://github.com/simonw/datasette/issues/1858#issuecomment-1292708227 | https://api.github.com/repos/simonw/datasette/issues/1858 | 1292708227 | IC_kwDOBm6k_c5NDSmD | 9599 | 2022-10-26T22:05:34Z | 2022-10-26T22:05:34Z | OWNER | I just realized this can't easily affect the `datasette create-token` command because it doesn't currently accept the `--setting` option, so it wouldn't know what `max_signed_tokens_ttl` was. More to the point: even if it did, someone could abuse their knowledge of the secret to create a signed non-expiring token even on servers that didn't want to support those. So I actually need to redesign the token format: it needs to store the timestamp when the token was created and the intended duration, NOT the timestamp that the token expires at. Otherwise it's not possible for servers to enforce `max_signed_tokens_ttl` - someone could always create a token with a custom `expires_at` timestamp on it outside of the configured limit. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } | 1423364990 | |
https://github.com/simonw/datasette/issues/1858#issuecomment-1292687774 | https://api.github.com/repos/simonw/datasette/issues/1858 | 1292687774 | IC_kwDOBm6k_c5NDNme | 9599 | 2022-10-26T21:44:57Z | 2022-10-26T21:44:57Z | OWNER | I'm going for consistency with `max_csv_mb` and `max_returned_rows` and `allow_signed_tokens` and `default_cache_ttl`. So `max_signed_tokens_ttl`. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } | 1423364990 | |
https://github.com/simonw/datasette/issues/1858#issuecomment-1291435464 | https://api.github.com/repos/simonw/datasette/issues/1858 | 1291435464 | IC_kwDOBm6k_c5M-b3I | 9599 | 2022-10-26T03:07:16Z | 2022-10-26T03:07:16Z | OWNER | This setting will disable the "Token never expires" option: <img width="578" alt="image" src="https://user-images.githubusercontent.com/9599/197925181-f1b9eb4c-e9be-4b55-9c1b-29622a83e58d.png"> | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } | 1423364990 | |
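
The reasoning in the comments above (store the creation time `t` and intended duration `d` so the server can enforce `max_signed_tokens_ttl`), as an added Python example that is not Datasette's code. The HMAC signing helper, the function names, the `max_ttl` parameter and the representation of a blank `d` as JSON `null` are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time


def sign(payload, secret):
    """Stand-in signer (assumption): base64url(JSON) + "." + HMAC-SHA256 hex."""
    body = base64.urlsafe_b64encode(json.dumps(payload).encode()).decode()
    return body + "." + hmac.new(secret, body.encode(), hashlib.sha256).hexdigest()


def verify(token, secret, max_ttl=None, now=None):
    """Return the actor id for a valid token, or None if it must be rejected."""
    now = int(time.time()) if now is None else now
    try:
        body, mac = token.rsplit(".", 1)
        expected = hmac.new(secret, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, expected):
            return None
        data = json.loads(base64.urlsafe_b64decode(body))
        actor, created, duration = data["a"], data["t"], data.get("d")
    except (ValueError, KeyError, TypeError, AttributeError):
        return None
    # A valid signature only proves the minter knew the secret; the fields
    # still need checking, because that person chose them.
    if not isinstance(created, int) or created > now:
        return None  # a future "t" would stretch the lifetime past the cap
    if duration is not None and (not isinstance(duration, int) or duration <= 0):
        return None
    # The limit comes from this server's setting, not from the token: a blank
    # or oversized "d" is cut down to max_ttl.
    if max_ttl is not None:
        duration = max_ttl if duration is None else min(duration, max_ttl)
    if duration is not None and now - created > duration:
        return None
    return actor
```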