Open chaoran-chen opened 4 years ago
Middleware component:
adminKey (~50 random characters) has a hash value
our code stores the hash value (of course not the adminKey)
adminKey is sent as header (always via https, then the header is encrypted)
component calculates the hash value from the adminKey. If equal to stored hash value then authentication as admin is successful
The current admin authentication with a fixed adminKey should be a very temporary solution. Ideas what we can do instead while keeping it simple?
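
The check the middleware component performs, sketched as an added example that is not the project's own code. SHA-256 and the header name `X-Admin-Key` are assumptions, since the issue names neither the hash function nor the header.

```python
import hashlib
import hmac
import secrets

# Hypothetical header name; the issue only says the key is "sent as header".
ADMIN_HEADER = "x-admin-key"


def hash_admin_key(admin_key):
    # Assumption: SHA-256. A fast unsalted hash is defensible here only because
    # the key is ~50 random characters, not a human-chosen password.
    return hashlib.sha256(admin_key.encode("utf-8")).hexdigest()


def generate_admin_key():
    # 38 random bytes encode to 51 URL-safe characters (~50, as in the issue).
    # Returns (key to hand to the admin, hash to store); the key is never stored.
    key = secrets.token_urlsafe(38)
    return key, hash_admin_key(key)


def is_admin(headers, stored_hash):
    # HTTP header names are case-insensitive, so normalise before lookup.
    presented = None
    for name, value in headers.items():
        if name.lower() == ADMIN_HEADER:
            presented = value
            break
    # A missing or empty header is a failed authentication, not an error.
    if not presented:
        return False
    candidate = hash_admin_key(presented)
    # Constant-time comparison so response timing does not reveal how many
    # leading characters of the hash matched.
    return hmac.compare_digest(candidate.encode("ascii"),
                               stored_hash.encode("utf-8"))


if __name__ == "__main__":
    key, stored = generate_admin_key()  # constructed sample key
    print(is_admin({"X-Admin-Key": key}, stored))
    print(is_admin({"X-Admin-Key": "wrong"}, stored))
    print(is_admin({}, stored))
```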