notes/cisco_ft_securex_registration.org
parent
94f73f9417
commit
5e0cfa37d1
1 changed files with 3 additions and 0 deletions
@ -369,11 +369,14 @@ The clojure code for the route should roughly look like:
|
|||
(create-new-account org-settings)))
|
||||
#+end_src
|
||||
|
||||
|
||||
As we now have a session, we should take care about a few details:
|
||||
|
||||
***** Important Security Remarks
|
||||
- should we keep track of the =origin=?
|
||||
YES this is a security risk to prevent an attack with a redirect to the
|
||||
wrong endpoint. So the redirect should be handled by the backend.
|
||||
The =origin= should be put in the JWT.
|
||||
- should we prevent a user identity to create multiple accounts?
|
||||
I don't think so. Not in the first round at least.
|
||||
It will probably be easy to add a =created-by= metas in the org, and prevent
|
||||
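Review bot: In the answer under "should we keep track of the =origin=?", the note says the =origin= goes in the JWT and the backend handles the redirect, but it does not say that the backend validates the =origin= before using it. As written, an implementer could copy whatever =origin= the client supplied into the token and redirect to it, which leaves the "redirect to the wrong endpoint" risk in place. Suggest adding a line stating that the backend checks the =origin= against the set of known origins before putting it in the JWT, and that the redirect target is read only from the verified JWT, never from a request parameter. The sentence "this is a security risk to prevent an attack" also reads backwards: keeping track of the =origin= is the mitigation, and the redirect to the wrong endpoint is the risk. Minor: "a =created-by= metas" should be "a =created-by= meta".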