Open AndreAffonso opened 6 years ago
these are indeed very good points, both have trade offs
the problem with the first one is that only one client will be editing the order for a certain table, therefore wont allow others in the table to edit it.
when it comes to the second possible solution, we would add one more job to the waiter, therefore he would have to pay attention in one more thing, making his life harder.
lets keep discussing this.
That's true. It's not cool just a customer doing all the orders.
Description
How can we ensure that someone who is not customer will not access the url from the table and make fake orders?
Suggestions
...But even with these implementations, an insistent attacker can be a problem as it will get in the way of the waiter.