eidorb

Assuming your deployment system can pass your base64-encoded git-crypt key in an environment variable named `GIT_CRYPT_KEY`, you could unlock as follows: ```bash # Unlock git-crypt. echo $GIT_CRYPT_KEY | base64 -d...

Including `Content-Length` in the `exclude_headers` parameter fixes this: ```python handler = Mangum( app, # Content-Length header is not allowed in Lambda@Edge responses. exclude_headers=["Content-Length"], ) ``` `exclude_headers` was introduced in #280.

Is the preferred approach to use the [datasette-redirect-forbidden](https://datasette.io/plugins/datasette-redirect-forbidden) plugin, and configure it as follows? ``` "datasette-redirect-forbidden": { "redirect_to": "/-/github-auth-start", } ```

Thank you for looking into this. Suppose an endpoint expects a simple JSON body: ```python @dataclass class RequestBody: version: str ``` I attempted something "tricky" in order to construct a...

Thanks Mat. This library is very fun to use!

Yes enrolling fails for me after the OTP step too. But using my existing credentials still works. I will look into the passkey route as that should be more future...

Looks base64ish. Same as `token`. See towards top of README. I'm pretty sure that's the actual format and I changed some characters here and there.

They are different. You get them at various stages during initial device enrolment: https://github.com/eidorb/ubank/blob/eced2e794f140cf1af0fb6b862b5e62055ee4425/ubank.py#L274 https://github.com/eidorb/ubank/blob/eced2e794f140cf1af0fb6b862b5e62055ee4425/ubank.py#L279 And when you login, I think they update with new values.

Yeah I think this method is busted for enrolling new devices. They are forcing SMS OTP for every login with password auth. Interestingly my old auth key and token still...

Cool! I've started to look into it too. I'm able to create virtual passkeys without a browser or hardware device using this https://github.com/bodik/soft-webauthn