Opened 3 years ago

Last modified 3 years ago

#1910 assigned defect

Separate password caches for I2P-Bote WebUI and IMAP

Reported by: str4d Owned by: str4d
Priority: minor Milestone: undecided
Component: apps/plugins Version: 0.9.28
Keywords: I2P-Bote security Cc:
Parent Tickets: Sensitive: no

Description

The IMAP API as originally implemented uses the same internal password cache for logging in as the WebUI. This has the side-effect of the WebUI being unlocked while a mail client is authenticated with IMAP, which is unintuitive and unlikely to match user expectations.

The password cache system should be extended with independent authentication contexts.

Subtickets

Change History (2)

comment:1 Changed 3 years ago by zzz

Owner: set to str4d
Status: newassigned
Version: 0.9.28

comment:2 Changed 3 years ago by str4d

Migrated to https://github.com/i2p/i2p.i2p-bote/issues - I will close these tickets as things are resolved rather than right now, but please make future comments on GitHub?.

Note: See TracTickets for help on using tickets.