Closed eemeli closed 6 years ago
I think you should look into an authentication middleware framework that can handle this end to end, with a redirection to a custom login form if you need it. Shared secret auth is a generally bad idea from a security POV and I'd rather see the effort in place to drop it completely.
Given that our starting point is shared-secret authentication for Hugo nominations and voting, are you proposing that we get rid of that, or that we have a completely separate authentication system for admin users?
The latter; a pre-shared key to have limited access to voting makes sense, but admin should not be behind that kind of low-tech barrier.
I decided to merge this, as my dev branch is building on top of it so much. Next step for auth is to enable proper 2FA.
This adds an `auth` section to `config/kansa.yaml`, which now defines the validity time of keys as well as sessions. By default, sessions are valid for five days and keys for one year. For admins, however, keys are only valid for five days.

When attempting login with an expired key, the key is automatically reset and emailed, and the server responds to the request with a `403` HTTP status and a body with `{ "status": "expired" }`.