dev-rewards icon indicating copy to clipboard operation
dev-rewards copied to clipboard

Published 20 hours ago verified publisher icon fluencelabs

Use standard Github oauth for authentication

Open juangirini opened this issue 1 year ago • 4 comments

Following up on https://github.com/fluencelabs/dev-rewards/issues/48, it seems to be impossible for some developers to authenticate themselves by decrypting with age, particularly for those who sign with a yubikey.

Using oauth to authenticate against Github is a lot more user-friendly, more developers would be able to claim their rewards (those that now can't) and also would seem less dangerous for those worried about exposing their private keys.

juangirini avatar Mar 25 '24 17:03 juangirini

not going to happen.

boneyard93501 avatar Mar 25 '24 21:03 boneyard93501

So let get me get this straight: contributors that strive to run a tight ship and use good security practices are the ones that you choose to penalize? That doesn't really make any sense. A better answer would be "We are looking into alternative solutions for our yubikey using contributors and will report back asap."

/cc @alari

dvdplm avatar Mar 27 '24 11:03 dvdplm

Github deleted my ssh keys for inactivity yet people commit a Readme to some shitcoin get to participate simply bc they used ssh instead of https? Not great planning. Will get ready for influx of shit prs too from farmers loading up for the inevitable fork of this project and their airdrops.

silence48 avatar Apr 16 '24 18:04 silence48

Oauth should definitely be the way to authenticate. Everything is wrong with the current setup as we all basically need to audit your code before doing anything. It's also just showing bad practices to other projects...

tupui avatar Apr 16 '24 18:04 tupui