Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: changre refresh token to localstorage #111

Open
rosibaj opened this issue Feb 10, 2021 · 1 comment
Open

Feature Request: changre refresh token to localstorage #111

rosibaj opened this issue Feb 10, 2021 · 1 comment
Assignees
@rosibaj
Labels
new-feature Request is a new feature

Comments

@rosibaj
Copy link

rosibaj commented Feb 10, 2021

The refresh token for the workflow-ui is being used as a cookie. This is not necessary, and has some security implications.

Change the workflow-ui implementation to user the Refresh token in localstorage, rather than as a cookie.
@rosibaj rosibaj added the new-feature Request is a new feature label Feb 10, 2021
@rosibaj rosibaj self-assigned this Feb 10, 2021
@joneubank
Copy link
Member

localstorage is insecure, we are in the process of updating token management for access/refresh tokens across our applications. will leave this ticket open for now as a reminder to review our token management on the ui.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rosibaj rosibaj

Labels
new-feature Request is a new feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joneubank @rosibaj