I want to write my own service and I want to limit who can call post endpoints without implementing whole auth.
From security point would it be good enough to require to pass some key in post form and in server check if it is the same as the one specified in server?
The server would be put behind reverse-proxy so the request should be encrypted.
[#]programming #rustlang #webdev #selfhosted #backend #indieweb
=> More informations about this toot | View the thread | More toots from MevLyshkin@mastodon.gamedev.place
=> View programming tag | View rustlang tag | View webdev tag | View selfhosted tag | View backend tag | View indieweb tag This content has been proxied by September (3851b).Proxy Information
text/gemini