Open jsquyres opened 9 years ago
Thanks!
SSL seems like a reasonable ask and I would agree it's standard practice for edge-facing services. I'll have to think a little about the authentication scheme though. A key-based technique seems straightforward and OAuth isn't really a good fit for this sort of thing. I'm leaning towards the way Pushover does it (user hash and app token in the POST body).
The pushover method sounds perfect to me (i.e., effectively hard-coded user token/auth token). It doesn't have to be complicated, or even all-inclusive -- mainly just something to prevent random connections.
BTW, I love that you did pushover already; I use pushover for lots of things, and will be happy to add my washer/dryer to those scenarios!
Thanks @jsquyres, it looks easy enough to implement that way.
I am glad you like the Pushover reference app! It is pretty basic, but gets the idea across. Be sure to give the thumbs up to idea-ywuogk over on FirstBuild. There doesn't seem to be much activity over there at the moment, and any visibility would help.
Looks great!
Question: do you plan to add support for SSL and/or any kind of authentication? (even trivial, hard-coded key-based authentication -- just to prevent random connections to these services to send spurious alerts, etc.)