alsmola / nopassword Goto Github PK
View Code? Open in Web Editor NEWAn authentication and session management framework that eliminates the need for passwords.
License: MIT License
An authentication and session management framework that eliminates the need for passwords.
License: MIT License
Tried to login from http://nopassword.alexsmolen.com/ page, got "We're sorry, but something went wrong." from http://nopassword.alexsmolen.com/send_login_email
Thanks for the work here. Excited to try it out.
Thoughts on not requiring Passw3rd? With a Heroku deploy, passwords can be managed easily through the ENV vars https://devcenter.heroku.com/articles/config-vars. On first look the only effected file would be engine.rb
.
What's the difference between these fields?
I'm using nopassword as a gem, which means it's not integrated into my rails project, and I'd like to keep the two separate so that updating the gem when new pulls are made is as simple as possible. But I'd also like to edit the email that gets sent, so that I can format it to fit other emails my app sends, as well as do simple things like make the activate URL an actual hyperlink (some of the email clients I use don't automatically hyperlink it). Is there a way to supersede the template built into this engine? Or is that something that could be added?
I'm new to Ruby,
does nopassword, being a rails engine, require the use of RoR? Or can it be used independently alongside Sinatra routing?
I apologize if I'm being an obnoxious newbie over here with these potentially-misinformed Issues, but it looks like this engine uses session
which, unlike cookies
, I don't believe I can extend the expiration time for? I can't find anything in the source that dictates when the session
expires, and it appears to be expiring โ at least in IE โ nightly, when the browser has been closed for the evening. Nothing in the Rails documentation for session
seems to tell me how to extend, only to shorten it.
Looking at my own session data in Chrome, it looks like the cookies set (presumably by the rails session
manipulation? I'm not setting any other cookies myself) expire "When the browsing session ends." I'd like to set it to essentially never expire, if it's regularly accessed.
This isn't a highly-secure system, I understand, but it's not highly-sensitive information. Is there a way to do that currently, or is that something that could be added?
The library has been deprecated/declared unsafe by the author:
https://twitter.com/alsmola/status/594932549622726656
Instead, nopassword engine users must configure their own email. For the dummy application, we'll use dotenv.
Seems that a few forks have done this. Haven't tested, but assuming the APIs this uses have been stable, would you accept a PR to relax that constraint?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.