Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add options to authorize access #2

Open
Tethik opened this issue Nov 22, 2016 · 1 comment
Open

Add options to authorize access #2

Tethik opened this issue Nov 22, 2016 · 1 comment
Labels
enhancement

Comments

@Tethik
Copy link
Owner

Tethik commented Nov 22, 2016

In many use cases of this app allowing anyone to post new messages is pretty unnecessary. Blocking public access to posting new messages would also reduce the likelihood of a DoS attack.

Add authorization of some sort to restrict access to who can post new messages. At the same time it might also be interesting to look at access-restricting the site in a read sense too. Make it fully configurable what is accessible by who so that sysadmins can tailor the app for their own use-case.

E.g. one organisation running it on an intranet could leave it open to anyone because so they rely on the authorization of having access to the intranet. Another organisation wants to use it to send passwords or other secrets to their clients, so they leave read open and restrict write to people within their organisation.
@Tethik
Copy link
Owner Author

Tethik commented Feb 11, 2017

This might be easier to leave to nginx or whichever server is hosting the application.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Tethik