Dragoon209
commented
9 years ago I think the secret is a good solution for now, but I have a few questions / suggestions:
Is the secret random each time Dwarf Fortress is started, or just on first run? Could this code be defined instead of generated? Or better yet, could a few codes be generated to allow for more than 1 admin?
If there are multiple codes allowed, it would make sense to track what code was used during connection. This would allow a quick and dirty userlist of admins, and tracking who did what.
Lastly, using the password should not be saved in the local storage. This would allow anybody who has an admin password to 'log in' with their password, make changes, and then 'log out' by closing the window, and reconnecting without the password in the URL.
If we disallow things for normal users(saving, keybinding changes) there should probably be a way to avoid that restriction, esp. if the admin can't actually see the DF instance, as in headless installs.
doing something like outputting a random secret onto the console on startup and telling the admin to do something like
&password=<secret>seems suitably simple. Since we can't always (or usually) support wss, implementing anything more safe seems pretty hard to do.