One-time keys #50

New issue

Open

opened 2024-03-09 11:33:10 +01:00 by Jef Roosens · 0 comments

Jef Roosens commented

2024-03-09 11:33:10 +01:00

Owner

Sometimes it would be useful to let someone else publish an entry (probably a
file) to your server. However, you don't want to simply give them your API key
as this would be a rather big leak.

As an alternative, I'd like to introduce one-time tokens. When generating a
one-time token, a new entry would be generated on a random or chosen key (e.g.
/abcd). The server would generate a random token that is then stored in the
LSM store, and returned to the caller. This token could then be used as a
one-time password for uploading a file to only that generated key. The uploaded
entry would then replace the existing entry in the LSM store, automatically
expiring the key.

Sometimes it would be useful to let someone else publish an entry (probably a file) to your server. However, you don't want to simply give them your API key as this would be a rather big leak. As an alternative, I'd like to introduce one-time tokens. When generating a one-time token, a new entry would be generated on a random or chosen key (e.g. `/abcd`). The server would generate a random token that is then stored in the LSM store, and returned to the caller. This token could then be used as a one-time password for uploading a file to only that generated key. The uploaded entry would then replace the existing entry in the LSM store, automatically expiring the key.