Skip to content

Securing the API_KEY #31

New issue
New issue
Open
Open
Securing the API_KEY#31
@kakauandme

Description

@kakauandme
kakauandme
opened on Mar 31, 2025

What is the current behavior?

API_KEY is passed to the frontend via HTTP request, and is easily accessible.

Steps to reproduce

Load the page, open Network tab and check /authenticate request. The API key is in plain text in the body of the response.

Expected behaviour

API_KEY should not be exposed.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions