Open edinella opened 11 years ago
yocontra
commented
11 years ago Are you comfortable with knowing that if somebody looks through your history they can get your DB credentials? There is a possibility for a Remember Me (Insecure) option if enough people don't care about that
edinella
commented
11 years ago What about using basicAuth?
Maybe with a path like this: http://localhost:8080/#/:dbType/:dbHostName/:dbHostPort/:dbName/:collectionName/:documentId
For example: http://localhost:8080/#/mongodb/localhost/27017/cellar/vines/522fc525cda9ad4e3a000001
With these headers: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Or inline if someone prefers it: https://user:pass@localhost:8080/#/mongodb/localhost/27017/cellar/vines/522fc525cda9ad4e3a000001
edinella
commented
11 years ago MongoHQ (http://mongohq.com) uses a "mongohq_session_store" cookie for an auth token, thru HTTPS.
When I am managing a database, I expect current URI to identify the current page, as suggested in http://en.wikipedia.org/wiki/URI . If so, I could copy and paste that URI in new tabs, favorite them, and so on. That could happen, if the connection info were on URI.