We could improve the current impersonating mechanism to be less hacky.
One idea would be to provide temporary tokens. These could even use the app passwords facility to provide time-limited tokens for an admin.
For a better UX, the admin would not even see the token and just receive a link per notification which would automatically log in said admin as that user.
Technically, the current impersonate link in the users page would generate a token on the backend, then redirect to the logout link, then impersonate link.
Having this kind of link would also make it possible to implement impersonation request workflow: #83
Maybe it doesn't need to be. It could just be the impersonate request id. So ownCloud would only check whether the given admin who opens the link is logged in and is allowed to impersonate said user.
So basically, the admin who wants to impersonate any user, when clicking on the impersonate icon, would get a link as a notification from the user, which the admin would click to be impersonated. And the impersonation time would be temporary (time limit), after which the user would be switched back to the admin user. This is what my understanding is from #84 (comment). The idea looks nice to me.
I actually meant that the time window in which the link itself is valid is limited. The link expires.
But once the admin has started impersonating, as long as the session is open, it can stay open forever.
We could talk about adding a time limit to the session as well as an extension to this.
Now also to consider: once impersonation has started, the link itself should expire directly, or within the next hour. So clicking the link again in another browser would not start impersonation.
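The link lifecycle sketched in this thread (valid for a limited window, bound to the admin it was issued to, burned on first use so a second click in another browser does nothing, and the impersonation permission re-checked at click time), as an added Python example that is not the impersonate app's code; the `can_impersonate` policy callback and the 15-minute TTL are assumptions.

```python
import hashlib
import secrets
import time

LINK_TTL_SECONDS = 15 * 60  # assumed value: how long an unused link stays valid


class ImpersonationLinks:
    """Issues and redeems single-use, time-limited impersonation links.

    can_impersonate(admin, target) is a caller-supplied policy check
    (assumption: it mirrors the permission check the app already performs).
    """

    def __init__(self, can_impersonate, clock=time.time):
        self._can_impersonate = can_impersonate
        self._clock = clock
        # sha256(token) -> [admin, target, expires_at, used]
        self._links = {}

    def issue(self, admin, target):
        """Create a link token for `admin` to impersonate `target`.
        Only the token's hash is stored, so a copied table cannot be replayed."""
        if not self._can_impersonate(admin, target):
            raise PermissionError(f"{admin} may not impersonate {target}")
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._links[digest] = [admin, target, self._clock() + LINK_TTL_SECONDS, False]
        return token

    def redeem(self, logged_in_admin, token):
        """Validate a clicked link and return the user to impersonate.
        Succeeds at most once: the link is burned before the session starts."""
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self._links.get(digest)
        if entry is None:
            raise PermissionError("unknown link")
        admin, target, expires_at, used = entry
        if used:
            raise PermissionError("link already used")
        if self._clock() > expires_at:
            raise PermissionError("link expired")
        if logged_in_admin != admin:
            raise PermissionError("link was issued to a different admin")
        if not self._can_impersonate(admin, target):
            raise PermissionError("permission revoked since link was issued")
        entry[3] = True  # burn immediately; a session time limit would be a separate control
        return target
```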
@sharidas @butonic