Restrict Player-qrcode #20

Closed
opened 5 years ago by Burathar · 0 comments
Burathar commented 5 years ago
Owner

When a game owner adds a player, he can reqest the player qr-code to share with the person who will own that account. However, when an existing player is added, the owner can do this as well, in which case accounts can be compromised. To resolve this, implement the has_logged_in field mentioned in issue17 and if the field is not null, game owners should not see the qrcode.

When a game owner adds a player, he can reqest the player qr-code to share with the person who will own that account. However, when an existing player is added, the owner can do this as well, in which case accounts can be compromised. To resolve this, implement the `has_logged_in` field mentioned in [issue17](https://git.sciuro.org/Burathar/The-Hunt/issues/17) and if the field is not null, game owners should not see the qrcode.
Burathar added the
security enhancement
label 5 years ago
Burathar added a new dependency 5 years ago
Burathar referenced this issue from a commit 5 years ago
Burathar closed this issue 5 years ago
Sign in to join this conversation.
Loading…
There is no content yet.