Closed janboddez closed 3 weeks ago
And in order to figure out if a registration is valid, still, we need an app token, too.
So, if ever someone entered a previously known instance, we should check the validity of our details, and then re-register if needed, and overwrite the database entry. And maybe invalidate (i.e., forget, as I don't think we can revoke them anymore at that point) previously issued tokens for this instance.
Related to #113, in order to prevent registering as a new client for each and every user, we'll need to keep track of where we registered. And in order to figure out if a registration is valid, still, we need an app token, too.
Right now app and user tokens are stored either in the
options
table or inusermeta
.We should instead store client ID, client secret, and app token in a separate array in
options
or in a separate database table altogether. And either copy the credentials into the usermeta or simply refer to the correct database row.Looks like separate table might not be such a bad idea. We could then also keep track of when we registered and whatnot.