zorchenhimer / MoviePolls

Voting to decide on a movie to watch with MovieNight
https://discord.gg/F2VSgjJ

Username change in account page. #104

Closed LukeIsCodingNet closed 3 years ago

LukeIsCodingNet commented 3 years ago

Add a feature where users can change their username about every 30 days or so.

CptPie commented 3 years ago

This seemingly small feature might have some REAL security implications since users are matched on name alone atm. Your opinion, @zorchenhimer?

zorchenhimer commented 3 years ago

I've thought about adding a "display" name. If one isn't set it would display the login name. This would make sense for an account created with Patreon, as that site will have IRL names as login names, but I would need to figure out something I'm comfortable with. I'm not sure I would want to hide the login name entirely.

Also, as the admin, I would want a list of all the names that anybody has used. This could be a pain to do though for little overall gain.

Changing the login name would be a no-go.

LukeIsCodingNet commented 3 years ago

What if you added tags to the names so that way a user is identified by the tag and not the name? Like UserName#1234.

CptPie commented 3 years ago

Numerical user ids are a bad practice since they can be exploited with enumeration attacks. We intentionally hide the user id and only use it internally for exactly this reason. Tbh I don't see the small gain in being able to change your username being worth all the hassle associated with implementing this into an environment not initially designed for this.

Login logic and the user struct/table would have to be reworked (again) and I can say that I won't be the guy doing that in the near future.

zorchenhimer commented 3 years ago

MoviePolls isn't meant to be a social media site. Users can't make posts and there are no comments. People aren't going to be finding this site on its own, they'll be coming in from an existing community on Twitch or Discord where they already have a presence. As such, I don't believe anything more than a simple public name to list with votes is necessary.

Additionally, changing the user ID format will cause more headache to implement than it's worth. And as CptPie pointed out, this could potentially open up some security risks that I want to avoid.

Down the line I may consider a display name field, but changing the login name or the login name's format is going to be a hard "no".
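As an added example (not part of this thread and not MoviePolls' own code), one way in Go to model the design sketched above: an immutable login name, an optional display name shown in its place, a change cooldown, an audit history of every name an account has used, and a random opaque ID instead of a sequential number. All type and function names and the 30-day cooldown value are assumptions.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"time"
)

const changeCooldown = 30 * 24 * time.Hour // assumed: "every 30 days or so" from the issue
var ErrCooldown = errors.New("display name changed too recently")

type NameChange struct { // one audit entry; lets an admin list every name an account has used
	Old, New string
	At       time.Time
}

type User struct { // LoginName never changes; only the optional display name does
	ID          string // random opaque token, never a sequential number
	LoginName   string
	displayName string
	History     []NameChange
}

// NewUser mints a random ID so public identifiers cannot be enumerated.
func NewUser(login string) (*User, error) {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return nil, err
	}
	return &User{ID: hex.EncodeToString(b), LoginName: login}, nil
}

// PublicName is what is listed next to votes: display name if set, else login name.
func (u *User) PublicName() string {
	if u.displayName != "" {
		return u.displayName
	}
	return u.LoginName
}

// SetDisplayName enforces the cooldown and appends to the audit history.
func (u *User) SetDisplayName(name string, now time.Time) error {
	if n := len(u.History); n > 0 && now.Sub(u.History[n-1].At) < changeCooldown {
		return ErrCooldown
	}
	u.History = append(u.History, NameChange{Old: u.PublicName(), New: name, At: now})
	u.displayName = name
	return nil
}
```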