The API is accessible without being logged in

[jeromegv]

will need to think of the best way to manage that... considering we want mini-app that use the API to be used on the website, we can't ask people to authenticate but we probably don't want a straight access wide open to the public.. would need some kind of API key

[abhishekbh]

lol yeah, at the moment we have write enabled to ask.

I wonder if as a temporary fix we can enable write only as long as the client is on the local domain.

Abhishek On Jun 7, 2012 11:10 PM, "jeromegv" < reply@reply.github.com> wrote:

will need to think of the best way to manage that... considering we want mini-app that use the API to be used on the website, we can't ask people to authenticate but we probably don't want a straight access wide open to the public.. would need some kind of API key

---

Reply to this email directly or view it on GitHub: https://github.com/thesentinelproject/threatwiki_node/issues/42