Front end developer specialising in JavaScript and React. Experienced in all aspects of modern front end development. Passionate about making accessible, secure and performant software.
Front end developer specialising in JavaScript and React. Experienced in all aspects of modern front end development. Passionate about making accessible, secure and performant software.
So I had to think about it a bit more, and I was hoping you could still clarify a few things :). If it's dragging on or asking for too many details feel free to ignore it though.
Would this auth solve the spamming issue? E.g. couldn't an attacker do the authentication request once to obtain and save the bearer token? Then continue spamming using that bearer token?
Or, if the bearer token is one-time use, couldn't the attacker repeat the entire thing (get the token, then submit an error)?
PS. For some reason, I couldn't reply to your latest comment. I had to reply to my own.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks for the explanation :)
So I had to think about it a bit more, and I was hoping you could still clarify a few things :). If it's dragging on or asking for too many details feel free to ignore it though.
Would this auth solve the spamming issue? E.g. couldn't an attacker do the authentication request once to obtain and save the bearer token? Then continue spamming using that bearer token?
Or, if the bearer token is one-time use, couldn't the attacker repeat the entire thing (get the token, then submit an error)?
PS. For some reason, I couldn't reply to your latest comment. I had to reply to my own.