add support for api tokens when sending message. #297
Comments
binwiederhier
added
prio:low
|
The design of the auth feature is very rudimentary, but at the same time very powerful. I encourage you to read up on #19 of the designs we discussed there. Fundamentally, I do not disagree that expiring tokens could be a good addition, but ... (and this may shock you :-)): A token is just a password without a user and a different name For some reason, people think passwords are bad, but tokens are good, though they are fundamentally the same thing: a symmetric secret.
You can do this already by just creating users and ACLs: https://ntfy.sh/docs/config/#access-control -- The only thing that's not supported is expiration, though you could probably script that server-side (that's very hacky though). Anyway, since 99% of what you want are already there, I put this low on the list, though it sounds like fun to at least implement the user expiry, so I may do that sooner. I may even give you |
|
API tokens are implemented now with ntfy 2.0 |
I would like each app to use separate tokens so I can easily track who and which app is sending the messages. I like how PushOver has done it where you create an app with name,description,icon and have a button to generate api token for it.
Should be able to set custom expiration for tokens. Some tokens I may have never expire.
This becomes crucial when LDAP is supported in #296. As I don't want to save my username and password in random scripts.
The text was updated successfully, but these errors were encountered: