One-time keys #50

New Issue

Jef Roosens · 2024-03-09T11:33:10+01:00

Jef Roosens commented

2024-03-09 11:33:10 +01:00

Sometimes it would be useful to let someone else publish an entry (probably a
file) to your server. However, you don't want to simply give them your API key
as this would be a rather big leak.

As an alternative, I'd like to introduce one-time tokens. When generating a
one-time token, a new entry would be generated on a random or chosen key (e.g.
/abcd). The server would generate a random token that is then stored in the
LSM store, and returned to the caller. This token could then be used as a
one-time password for uploading a file to only that generated key. The uploaded
entry would then replace the existing entry in the LSM store, automatically
expiring the key.

Sometimes it would be useful to let someone else publish an entry (probably a file) to your server. However, you don't want to simply give them your API key as this would be a rather big leak. As an alternative, I'd like to introduce one-time tokens. When generating a one-time token, a new entry would be generated on a random or chosen key (e.g. `/abcd`). The server would generate a random token that is then stored in the LSM store, and returned to the caller. This token could then be used as a one-time password for uploading a file to only that generated key. The uploaded entry would then replace the existing entry in the LSM store, automatically expiring the key.

Jef Roosens added the

enhancement

label 2024-03-09 11:33:10 +01:00

Jef Roosens added

feature

and removed

enhancement

labels 2024-03-09 14:31:01 +01:00

Sign in to join this conversation.