The current version of the app has the user sign in to github inside of the app to add the oauth token. this is insecure as there is no way of knowing that this is a real github page, it also defeats purpose of oauth token in first place. Could be fixed by popping it out to users web browser.
The current version of the app has the user sign in to github inside of the app to add the oauth token. this is insecure as there is no way of knowing that this is a real github page, it also defeats purpose of oauth token in first place. Could be fixed by popping it out to users web browser.