Open mrodriguez3313 opened 2 years ago
Add more checks to the delete key endpoint to verify that the key the user wants to delete is actually theirs to delete.
Currently this simply gets the key name from the paramter and deletes a key with that name. https://github.com/Fierro-Labs/Fierro/blob/a1237c3e1262f6d1ce2c67acc50dc2a75cdea1f5/keys.go#L154 These would have to be rudimentary solutions while we learn how to share permission without sharing the secret key.
Add more checks to the delete key endpoint to verify that the key the user wants to delete is actually theirs to delete.
Currently this simply gets the key name from the paramter and deletes a key with that name. https://github.com/Fierro-Labs/Fierro/blob/a1237c3e1262f6d1ce2c67acc50dc2a75cdea1f5/keys.go#L154 These would have to be rudimentary solutions while we learn how to share permission without sharing the secret key.