diff options
| author | r <r@freesoftwareextremist.com> | 2022-10-25 13:40:49 +0000 |
|---|---|---|
| committer | r <r@freesoftwareextremist.com> | 2022-10-25 14:14:46 +0000 |
| commit | 887ed241d64ba5db3fd3d87194fb5595e5ad7d73 (patch) | |
| tree | 40fe52d870ac31dce139ceb11b40e0161bf10946 /bloat.conf | |
| parent | b4ccde54a70495937a5667950363cbf2c24d40bf (diff) | |
| download | bloat-887ed241d64ba5db3fd3d87194fb5595e5ad7d73.tar.gz bloat-887ed241d64ba5db3fd3d87194fb5595e5ad7d73.zip | |
Use cookies for session storage
Remove the server side session storage and store all the session related data
in the client side cookies. This decreases the exposure of the auth tokens.
It also simplifies the installation process as bloat no longer requires write
access to the filesystem.
This is a breaking change, all the existing sessions will stop working.
Diffstat (limited to 'bloat.conf')
| -rw-r--r-- | bloat.conf | 7 |
1 files changed, 0 insertions, 7 deletions
@@ -3,10 +3,6 @@ # - Key and Value are separated by a single '=' # - Leading and trailing white spaces in Key and Value are ignored # - Quoting and multi-line values are not supported -# -# Changing values of client_name, client_scope or client_website will cause -# previously generated access tokens and client tokens to be invalid. Issue the -# `rm -r database_path/*` command to clean the database afterwards. # Address to listen to. Value can be of "HOSTNAME:PORT" or "IP:PORT" form. In # case of empty HOSTNAME or IP, "0.0.0.0:PORT" is used. @@ -25,9 +21,6 @@ client_name=bloat # See https://docs.joinmastodon.org/api/oauth-scopes/ client_scope=read write follow -# Path of database directory. It's used to store session information. -database_path=database - # Path of directory containing template files. templates_path=templates |