Open jsquyres opened 9 years ago
rudybrian
commented
9 years ago Thanks!
SSL seems like a reasonable ask and I would agree it's standard practice for edge-facing services. I'll have to think a little about the authentication scheme though. A key-based technique seems straightforward and OAuth isn't really a good fit for this sort of thing. I'm leaning towards the way Pushover does it (user hash and app token in the POST body).
jsquyres
commented
9 years ago The pushover method sounds perfect to me (i.e., effectively hard-coded user token/auth token). It doesn't have to be complicated, or even all-inclusive -- mainly just something to prevent random connections.
BTW, I love that you did pushover already; I use pushover for lots of things, and will be happy to add my washer/dryer to those scenarios!
rudybrian
commented
9 years ago Thanks @jsquyres, it looks easy enough to implement that way.
I am glad you like the Pushover reference app! It is pretty basic, but gets the idea across. Be sure to give the thumbs up to idea-ywuogk over on FirstBuild. There doesn't seem to be much activity over there at the moment, and any visibility would help.
Looks great!
Question: do you plan to add support for SSL and/or any kind of authentication? (even trivial, hard-coded key-based authentication -- just to prevent random connections to these services to send spurious alerts, etc.)