-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent device tokens with same name #24778
Comments
Firstly how can one create a new device? Second, do we need to check before creating whether a device with the same name already exists in AuthSettingsController.php? Or in DefaultTokenProvider.php where tokens are generated. Also, where are all active device tokens stored? Are they stored in the database? If yes then all we need to do is to query the database for all tokens of this "name" and if it exists then throw an exception. Is it the right approach? |
The best would be to adjust |
Okay, and how do we generate the device tokens. I dont get any option to do so in the personal settings tab. |
It's called "App passwords". On master it's in the "Security" section on the left navigation bar. |
Is this the correct way to getTokensByName ->
The problem with this one is, that it gets called sometimes and sometimes it just does not get called. I can say this because I was cheking mysql.log file.
This one gets called everytime. |
@phisch can you help here ? |
Sorry for being late. Was busy in college work. Well, I have been able to rectify the previous errors with some help from Phillip. |
From #24703 (comment):
Maybe we should prevent it or at least warn the user as they then see
Steps to reproduce
Expected behaviour
See a warning
Actual behaviour
I can create multiple tokens with the same name
cc @PVince81
The text was updated successfully, but these errors were encountered: