Possible security issue: API Login Token always allows permanent login

Kirby
API call auth/login-token allows requesting a login token that either logs the user in just for one session (remember=0) or permanently (remember=1).

However, this setting is not part of the token and thus not validated when the token is redeemed.

This allows every token to be used for a permanent login, which might be a security issue.

Continue reading...
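The fix the report implies is to make the remember choice a signed claim of the token itself and to honour that claim, not the client's request, when the token is redeemed. The following is an added example written for this thread, not code from the reported project or from Kirby; the token format, key handling and field names are assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed signing key for this example; a real deployment loads it from
# configuration and rotates it, and tracks redeemed nonces to block replay.
SIGNING_KEY = secrets.token_bytes(32)
TOKEN_TTL_SECONDS = 300

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(body: str) -> str:
    return _b64(hmac.new(SIGNING_KEY, body.encode("ascii"), hashlib.sha256).digest())

def issue_login_token(user_id: int, remember: bool, now=None) -> str:
    # The reported flaw: 'remember' was only a request parameter at issue time.
    # Here it becomes a signed claim, so the redeem step can verify it.
    issued = int(time.time() if now is None else now)
    claims = {
        "uid": user_id,
        "remember": 1 if remember else 0,  # the decision the redeemer must honour
        "exp": issued + TOKEN_TTL_SECONDS,
        "nonce": _b64(secrets.token_bytes(8)),  # one-time use marker
    }
    body = _b64(json.dumps(claims, separators=(",", ":")).encode("utf-8"))
    return f"{body}.{_mac(body)}"

def redeem_login_token(token: str, requested_remember: bool, now=None):
    # Returns (user_id, remember) on success, None otherwise. 'requested_remember'
    # is what the client asks for at redeem time and is deliberately not trusted:
    # a token issued for a single session cannot be upgraded to a permanent login.
    try:
        body, mac = token.split(".", 1)
        valid = hmac.compare_digest(mac, _mac(body))
    except (ValueError, TypeError):  # malformed, non-ASCII or forged token
        return None
    if not valid:
        return None
    claims = json.loads(_unb64(body))
    current = int(time.time() if now is None else now)
    if current >= claims["exp"]:
        return None
    return claims["uid"], bool(claims["remember"])
```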
