Authentification by Token

Open genofire opened this issue 4 years ago • 1 comments

For Authentification, not all Clients need to have temporary the Username and Password. It would be more Safe if it is possible to add an new client by an Token created/generated on an already registrated client and transmitted/tipped up on the new client.

Please create an option to login by token (beside of username + password).

Jun 26 '21 22:06 genofire

I don't think this is worth the development effort, as it only prevents the client from reading the user credentials, and not restricts the client in any other way. If the user password isn't used anywhere else, then the risk of getting the user credentials would be the same as getting the client token.

Jun 27 '21 08:06 jmattheis