-
Should we generate our own token or use the Google OAuth Token required for logging the user?
-
Recommend adding a security feature to "start" such as `secure=True|False` which requires any client connecting on the bottle port to supply a randomly generated token to connect. We may not want othe…
-
# Discovery:
JWT tokens used for authentication in LibreChat need to have an appropriate expiration policy to ensure security and prevent unauthorized access. Tokens that last too long increase the r…
-
### Preflight Checklist
- [X] I could not find a solution in the existing issues, docs, nor discussions
- [ ] I have joined the [ZITADEL chat](https://zitadel.com/chat)
### Describe your problem
ZI…
-
I'm opening this issue to document/get my head around the current approach to security in resuming a session in solid-oidc.
My understanding of the current situation is:
- it is common practice to…
-
**Description:**
The JWT tokens in `pages/api/admin-check-login-code.ts` are currently set with an expiration date far in the future (`2038`). This could lead to significant security risks if tokens …
-
Latest version not working on Django 5.2
Logout does not invalidate already generated access tokens, which is a big security concern
Password Reset Does Not Invalidate access tokens which are…
-
### System information (not really relevant)
Type | Version/Name
--- | ---
Distribution Name | debian
Distribution Version | sid
Kernel Version | 6.0.0
Architecture | amd64
OpenZFS Version | 2…
-
All endpoints must be authenticated to reduce security issues. Since there are two call points: frontend and prompts (Chatizalo functions), it is recommended to have two access tokens. One to be used …
-
One should add some security-related checks to file tokens, to make sure that these token files belong to the UID of the application reading them and that the permissions of these token files are private…