You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like each app to use separate tokens so I can easily track who and which app is sending the messages. I like how PushOver has done it where you create an app with name,description,icon and have a button to generate api token for it.
Should be able to set custom expiration for tokens. Some tokens I may have never expire.
This becomes crucial when LDAP is supported in #296. As I don't want to save my username and password in random scripts.
The text was updated successfully, but these errors were encountered:
The design of the auth feature is very rudimentary, but at the same time very powerful. I encourage you to read up on #19 of the designs we discussed there.
Fundamentally, I do not disagree that expiring tokens could be a good addition, but ... (and this may shock you :-)): A token is just a password without a user and a different name
For some reason, people think passwords are bad, but tokens are good, though they are fundamentally the same thing: a symmetric secret.
I don't want to save my username and password in random scripts.
You can do this already by just creating users and ACLs: https://ntfy.sh/docs/config/#access-control -- The only thing that's not supported is expiration, though you could probably script that server-side (that's very hacky though).
Anyway, since 99% of what you want are already there, I put this low on the list, though it sounds like fun to at least implement the user expiry, so I may do that sooner. I may even give you Bearer tokens implemented as users without a name if I feel like it :-D
I would like each app to use separate tokens so I can easily track who and which app is sending the messages. I like how PushOver has done it where you create an app with name,description,icon and have a button to generate api token for it.
Should be able to set custom expiration for tokens. Some tokens I may have never expire.
This becomes crucial when LDAP is supported in #296. As I don't want to save my username and password in random scripts.
The text was updated successfully, but these errors were encountered: