Back Office Tools: Lightweight Single User Access Best Practice?

xuanbao · 503 views
If you're coding something small with sensitive elements which has a web endpoint accessible to 1-5 people, what is your go-to solution?

**Traits**

  • Secure
  • Simple with small code footprint
  • Access setup can be manual (no forgotten passwords, user management, etc.)

Currently my go-to is: HTTPS user + pass which uses OAuth 3rd party (Telegram) to confirm login from a new IP

**Comments:**

ptman: Put it behind a suitable reverse proxy? Like Apache with SSO (e.g. mod_mellon).

cameronjerrellnewton: Is this accessible to the public Internet or is it internal intranet only? If it's private, how about just doing it by MAC address? I assume your company has AD credential-based logins for their workstations already, let them handle the auth. If not then third party is probably easiest, most have free plans for that few users. My go-to is Auth0.

Kimau: Remote, open internet. Potentially needed to be accessed from a new machine or phone.

Common use case is for remote IoT prototypes or experiments.

cameronjerrellnewton: Well then don't think lightweight and don't think back office. If you are opening up a channel to the back office and it's going to be accessible on the public web, you need to lock it down just as tightly as you would anything else.

Kimau: I'm not being lightweight in security terms. I mean that 90% of the functionality of a user management security system is around user management, forgotten passwords, ease of use, etc.

I mean secure and small code footprint or low dependency graph because that's easier to maintain in a secure fashion. For when a dev is deving new tool X and needs a lib or toolset to use for remote access I can say okay we have Y use that.

ChristophBerger: If the IoT devices are capable enough to do OAuth, would they also be able to connect to a Virtual Private Network? With a VPN, you'd have a security layer beneath all of the application-level protocols. Which means fewer dependencies for the devs.
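
The setup described in the original post (one manually provisioned HTTPS user and password, with logins from a new IP held until they are confirmed through a third-party channel), written as Go middleware using only the standard library. This is an added example, not code from the thread: `Gate`, `NewGate`, `Approve`, the `notify` hook and the credentials are hypothetical names and constructed values, and the Telegram confirmation itself is assumed to live behind the hook.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"sync"
)

// Gate guards a handler with one manually provisioned account and an IP allowlist.
type Gate struct {
	user, pass [32]byte        // SHA-256 of the provisioned credentials
	known      sync.Map        // client IPs approved so far
	notify     func(ip string) // hypothetical hook, e.g. sends a Telegram message
}

func NewGate(user, pass string, notify func(string)) *Gate {
	return &Gate{user: sha256.Sum256([]byte(user)), pass: sha256.Sum256([]byte(pass)), notify: notify}
}

func (g *Gate) Approve(ip string) { g.known.Store(ip, true) } // called by the out-of-band confirmation

func (g *Gate) Wrap(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		u, p, ok := r.BasicAuth()
		uh, ph := sha256.Sum256([]byte(u)), sha256.Sum256([]byte(p)) // equal lengths for the constant-time compare
		if !ok || subtle.ConstantTimeCompare(uh[:], g.user[:])&subtle.ConstantTimeCompare(ph[:], g.pass[:]) != 1 {
			w.Header().Set("WWW-Authenticate", `Basic realm="backoffice"`)
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		ip, _, _ := net.SplitHostPort(r.RemoteAddr) // behind a reverse proxy this is the proxy's address
		if _, seen := g.known.Load(ip); !seen {
			g.notify(ip) // reached only with valid credentials, so strangers cannot trigger messages
			http.Error(w, "new IP, awaiting confirmation", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	g := NewGate("ops", "constructed-secret", func(ip string) { fmt.Println("confirm login from", ip) })
	r := httptest.NewRequest("GET", "/", nil) // constructed request; serve over TLS in real use
	r.SetBasicAuth("ops", "constructed-secret")
	g.Wrap(http.NotFoundHandler()).ServeHTTP(httptest.NewRecorder(), r)
}
```

The allowlist lives in memory, so approvals are lost on restart; persisting it and rate-limiting failed attempts are left out here.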
