Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue API keys to download the INI files #34

Open
asgrim opened this issue Nov 21, 2017 · 2 comments
Open

Issue API keys to download the INI files #34

asgrim opened this issue Nov 21, 2017 · 2 comments
Labels
enhancement

Comments

@asgrim
Copy link
Member

asgrim commented Nov 21, 2017

Although so far the INI files are readily available, this is problematic and we get a huge amount of abuse.

My idea was this: in order to download the files, you must generate an API key. Generating the API key shouldn't need an account or anything, but we could probably use a Google reCaptcha or something.

The API keys should expire (maybe in 1 year or something), and probably makes sense to be a JWT as the key, then we don't even need to store anything.

Basically anything without an API key would now be blocked.
@mimmi20
Copy link
Member

mimmi20 commented Nov 21, 2017

How should this work for the update function we have in the browscap-php library?

@asgrim asgrim mentioned this issue Nov 27, 2017
Closed
@asgrim
Copy link
Member Author

asgrim commented Nov 27, 2017

For simplicity, I think the JWT token would just be appended to the URL, for example http://browscap.org/stream?q=BrowsCapINI&token=<jwt_token>. I haven't thought through it enough yet ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@asgrim @mimmi20