SqueakMap shaping up...
goran.hultgren at bluefish.se
goran.hultgren at bluefish.se
Thu Aug 15 09:46:58 UTC 2002
(I am preparing a download of SqueakMap for you all to look at and play
with.
It's basically working now including mirror synchronization. Next big
step will be to build a Morphic browser on top of the model.)
But I just realized one small problem. The current idea with the ability
to click on a link to get SqueakMap to mail you a new password for a
particular package/repository is probably not so good. It can be quite
annoying when someone else clicks on the link and you get emails
flooding in with new passwords...
Currently it creates a new random password and sends that because it
can't send the old one since it is stored as a SHA hash. ;-) Hmmm.
Anyway, does anyone have any good ideas on how to handle this?
Some thoughts:
1. I want a password for each registration - it makes it easy to let
someone else take over a registration and you don't need to first create
an account on SqueakMap to be able to register something etc.
2. Currently I save the passwords in the map as SHA hashes. Is that a
good idea? Point being that we can still keep them in the map that
everyone mirrors without someone being able to misuse it.
regards, Göran
More information about the Squeak-dev
mailing list
|