mirror of
https://gitea.phreedom.club/localhost_frssoft/bloat.git
synced 2025-05-10 22:08:45 +00:00
Use cookies for session storage
Remove the server side session storage and store all the session related data in the client side cookies. This decreases the exposure of the auth tokens. It also simplifies the installation process as bloat no longer requires write access to the filesystem. This is a breaking change, all the existing sessions will stop working.
This commit is contained in:
r
parent
b4ccde54a7
commit
887ed241d6
14 changed files with 225 additions and 495 deletions
10
INSTALL
10
INSTALL
|
|
@ -23,16 +23,8 @@ most cases, you only need to change the value of "client_website".
|
|||
# cp bloat.gen.conf /etc/bloat.conf
|
||||
# $EDITOR /etc/bloat.conf
|
||||
|
||||
4. Create database directory
|
||||
Create a directory to store session information. Optionally, create a user
|
||||
to run bloat and change the ownership of the database directory accordingly.
|
||||
# mkdir /var/bloat
|
||||
# useradd _bloat
|
||||
# chown -R _bloat:_bloat /var/bloat
|
||||
Replace /var/bloat with the value you specified in the config file.
|
||||
|
||||
5. Run the binary
|
||||
# su _bloat -c bloat
|
||||
$ bloat
|
||||
Now you should create an init script to automatically start bloat at system
|
||||
startup.
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue