The current URL structure we use is very GitHub-esque. These URLs are great for open source code and projects, but there are no advantages for private projects (or Products), plus there are some security disadvantages.
eg. Big Corp signs up and has an org url of /org/big-corp. Competitor of Big Corp joins and then tries to create an org called big-corp to see if Big Corp is using the same NervesHub instance.
I would propose removing /org/:name from the urls and instead using /product/:id (same privacy / security concern as above)
The current URL structure we use is very GitHub-esque. These URLs are great for open source code and projects, but there are no advantages for private projects (or Products), plus there are some security disadvantages.
eg. Big Corp signs up and has an org url of
/org/big-corp
. Competitor of Big Corp joins and then tries to create an org calledbig-corp
to see if Big Corp is using the same NervesHub instance.I would propose removing
/org/:name
from the urls and instead using/product/:id
(same privacy / security concern as above)I'd also suggest using something like https://github.com/sqids/sqids-elixir for the Product ids, with a custom alphabet.
eg. https://mynerveshost.com/products/wc9xdr