notes/cisco_ft_securex_registration.org

This commit is contained in:
Yann Esposito (Yogsototh) 2022-02-09 11:52:58 +01:00
parent 94f73f9417
commit 5e0cfa37d1
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646


@ -369,11 +369,14 @@ The clojure code for the route should roughly look like:
(create-new-account org-settings)))
#+end_src
As we now have a session, we should take care about a few details:
***** Important Security Remarks
- should we keep track of the =origin=?
YES this is a security risk to prevent an attack with a redirect to the
wrong endpoint. So the redirect should be handled by the backend.
The =origin= should be put in the JWT.
- should we prevent a user identity to create multiple accounts?
I don't think so. Not in the first round at least.
It will probably be easy to add a =created-by= metas in the org, and prevent
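Review bot: in the =origin= remark ("The =origin= should be put in the JWT"), signing the origin into the token does not by itself stop a redirect to the wrong endpoint; if the value comes from the client request and is embedded as-is, the backend will later redirect to whatever the caller supplied, just with a valid signature on it. The note should state that the origin is checked against a fixed allowlist of known endpoints before it is put in the JWT, and that the backend verifies the token signature before using the stored origin for the redirect. The wording "YES this is a security risk to prevent an attack" also reads as if tracking the origin were the risk; suggest "YES, not tracking it is a security risk: it lets an attacker redirect to the wrong endpoint, so the redirect should be handled by the backend".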