[slack] Add signature verification, and make sure Grab is secure!

WillNilges / grab

Threads -> Wiki: A bot that allows you to save threads from your messaging platform to your knowledge base with a single command

GNU General Public License v3.0

2 stars 1 forks source link

[slack] Add signature verification, and make sure Grab is secure! #21

Open WillNilges opened 1 year ago

WillNilges commented 1 year ago

See here: https://github.com/DAv10195/slack-example/blob/main/slack/main.go#L81

This is pretty basic, but there's definitely things we can do to improve security. Users trusting Grab with the keys to their wiki is kind of a big deal. There should be no way that can leak.

This might also be a good time to ensure that the logs are sanitized.

[x] Signature Verification
[ ] Review Error Handling

WillNilges commented 1 year ago

Definitely also need to clean up error handling.