Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth code handling #84

Open
behindtext opened this issue Dec 22, 2017 · 2 comments
Open

auth code handling #84

behindtext opened this issue Dec 22, 2017 · 2 comments

Comments

@behindtext
Copy link

when zkserver is running with createpolicy = token, if a client attempts to either reuse an existing authentication code or use an incorrect auth code, the server exposes its identity and the client is stuck at the yes/no prompt for the server with the message "Could not create account: not allowed" after the client attempts to accept the server's keys.

The preferred behavior would be for the client to be returned to the original screen where they enter their username, nick, server, and auth code, so they can reattempt with a valid auth code. Also, the server should not expose its identity unless a valid auth code is entered.
@marcopeereboom
Copy link
Contributor

marcopeereboom commented Dec 22, 2017
edited
Loading

The prompt at the bottom of the page should say F10 to exit.

I need to think about the token + identity bits because that is a chicken and egg problem.

@marcopeereboom
Copy link
Contributor

After fixing a bunch of issues in #100 this remains a side issue. We need protocol changes to enable a better flow of pre-session messages including proper error messages between client and server. This needs a redesign.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marcopeereboom @behindtext