search

ajanata / PretendYoureXyzzy

A web clone of the card game Cards Against Humanity.
https://pretendyoure.xyz/zy
BSD 2-Clause "Simplified" License
1.23k stars 397 forks source link

Server admins #110

Closed ghost closed 10 years ago

ghost commented 10 years ago

Could you make it so that if you owned the webseerver you could be a admin?

Or has this already been done

ajanata commented 10 years ago

You should only have to edit the IP addresses in Constants.java and re-compile. A user account way of doing this is mostly planned, but I have had very little time to actually work on it.

ajanata commented 10 years ago

Also, the code as written honors the X-Forwarded-For header. Make sure you shove it behind a reverse proxy (apache, nginx) that first strips that header and then writes its own, or anybody that can forge that header (i.e., everybody) will be able to claim to be an admin.