Open nak3 opened 1 year ago
Currently to disable admin server, we need to omit admin_auth_token:
admin_auth_token
https://github.com/fedora-iot/fido-device-onboard-rs/blob/65dfeed238a82501df46ee3e4d456df947e7e7a9/serviceinfo-api-server/src/main.rs#L132-L136
It is "ok" but it is better for security to exclude the admin API (admin_v0) from the server routes when omit admin_auth_token here:
admin_v0
https://github.com/fedora-iot/fido-device-onboard-rs/blob/65dfeed238a82501df46ee3e4d456df947e7e7a9/serviceinfo-api-server/src/main.rs#L461-L465
warp seems has the feature https://github.com/seanmonstar/warp/issues/121
Note we'll be migrating from warp shortly
Currently to disable admin server, we need to omit
admin_auth_token
:https://github.com/fedora-iot/fido-device-onboard-rs/blob/65dfeed238a82501df46ee3e4d456df947e7e7a9/serviceinfo-api-server/src/main.rs#L132-L136
It is "ok" but it is better for security to exclude the admin API (
admin_v0
) from the server routes when omitadmin_auth_token
here:https://github.com/fedora-iot/fido-device-onboard-rs/blob/65dfeed238a82501df46ee3e4d456df947e7e7a9/serviceinfo-api-server/src/main.rs#L461-L465
warp seems has the feature https://github.com/seanmonstar/warp/issues/121