Bytecrowds / main

The frontend and main API repository.
MIT License

Transition to Vercel functions and refactor auth #3

Closed TudorZgimbau closed 1 year ago

TudorZgimbau commented 1 year ago

Hi, thank you very much for the review! I actually thought of all these things, but the mission of this PR was to have a functional version of the website running since I've changed some of the backend infrastructure. I also took into consideration the fact that every bytecrowd starts as auth-less, so most of the potential problems trace back to its users, not security stuff. Indeed, the UX can be improved, but I highly doubt that someone could hack into another person's code since the security checks enforced right now are pretty strict in my opinion (auth required for all routes regardless of the bytecrowd's requirements, immutability of the authorisedEmails field).

I will probably keep this PR open to decide whether I'll fix some or all of these things right now, or merge it as it is and come back whenever I have time to properly handle them. Projects like this couldn't happen without you getting me started in this amazing field, so I will always be grateful for everything you did for me, especially for the mentoring. Thank you!