Opened 4 years ago

Last modified 4 years ago

#1910 assigned defect

Separate password caches for I2P-Bote WebUI and IMAP

Reported by: str4d Owned by: str4d
Priority: minor Milestone: undecided
Component: apps/plugins Version: 0.9.28
Keywords: I2P-Bote security Cc:
Parent Tickets: Sensitive: no


The IMAP API as originally implemented uses the same internal password cache for logging in as the WebUI. This has the side-effect of the WebUI being unlocked while a mail client is authenticated with IMAP, which is unintuitive and unlikely to match user expectations.

The password cache system should be extended with independent authentication contexts.


Change History (2)

comment:1 Changed 4 years ago by zzz

Owner: set to str4d
Status: newassigned
Version: 0.9.28

comment:2 Changed 4 years ago by str4d

Migrated to - I will close these tickets as things are resolved rather than right now, but please make future comments on GitHub?.

Note: See TracTickets for help on using tickets.