BuidlGuidl / grants.buidlguidl.com

https://grants-bg.vercel.app
MIT License

API Key to protect the admin route #97

Closed carletex closed 7 months ago

carletex commented 7 months ago

We just merged #96

But let's experiment with a stronger method (where «impersonator» doesn't work :D).

This would be an option: https://github.com/BuidlGuidl/grants.buidlguidl.com/pull/17

Another, simpler option could be to just use an API key (stored in the backend / secret env var).

Workflow:

  1. User goes to /admin
  2. No GRANTS_API_KEY found in local storage
  3. User signs a message to the backend to get the key
  4. Backend validates that the user is an admin => returns the secret API key (stored as a secret env var)
  5. User stores the key in local storage
  6. User sends admin requests with the KEY in the headers => backend validates that the API keys are equal

It's just a cheap version of the JWT stuff (no data stored in the token, no refresh, same for all users, etc.)... but it's more than enough IMO (since the data we're "protecting" is not very sensitive haha).

In any case, happy to go either way!

technophile-04 commented 7 months ago

I think I love it because of its simplicity!!

#17 would have made more sense if we wanted to allow writes with SIWE, but I think our current approach is more secure than SIWE for guarding writes lol, not the best UX in the world but more secure for sure!

> ... but it's more than enough IMO (since the data "protecting" is not very sensitive haha).

Yup, completely agree!

Also, happy to tackle this and create a POC PR, if you haven't started yet or don't want to tackle it 🙌

technophile-04 commented 7 months ago

Completed at #100