-
-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v1.0.0 Roadmap #133
Comments
I'd add another task, adding common security headers for private websites:
Also CSP and PP headers could be added, to further tailor resource leading and client/browser feature usage to what the dashboard does/is intended to do, but this requires more investigation and testing, above the ones that should work as is. |
The dashboard's already dead on IE, it makes heavy use of CSS flexbox. CSP is currently implemented through a |
|
Just an idea, but instead of password protection on the terminal, how about just calling the login binary instead, so people can log in to either |
Sounds pretty reasonable. This would be even a reasonable default IMO, later probably with the option for autologin (with a specific user).
What you mean by this? Which login dialog when there is currently none intended? |
The dialog works, but the terminal doesn't load, and requires a reload to get working. This is due to the fact that, since the websocket is connected to a PTY, it expects the first message to be the token if there's password protection, otherwise it quits. |
Ah you mean the dashboard password input. Now I get it, you mean to replace the general dashboard password protection on the terminal page with the console login prompt. Hmm, I think this is no good idea. User may not expect this and rely on a strong dashboard password and may have weak local UNIX user passwords or none at all. I thought this as an additional feature, allowing dedicated protection and different user logins for the terminal. But at least other user logins are not so much an argument since one can simply run |
Yeah, it was just a thought. Definitely have to fix the terminal login before v1.0.0 though. It came up because of the (mistaken) request for authentication at Fourdee/DietPi-Dashboard#2, where the user was surprised that the terminal auto-logged in. |
when to release? |
Honestly, whenever I have time to finish the checklist. I don't want to make any guarantees right now. |
@ravenclaw900 |
Easy
biscuit
) (get rid of the login in window? #155 (comment))serde
withoutserde_derive
and/orserde_json
(feat(backend): allow using environment variables to set settings #186)Medium
biscuit
library for JWT creation and validation (can't requireserde
)psutil
, can be augmented with other crates for missing functionality). ([Request] please add cpu temperature meter #36)chartist
oruplot
chart libraryselect!
instead of spawning threads on page visitsHard
unwrap
(fix(backend): add more error handling #236)/
in the graph. (https://dietpi.com/blog/?p=1137#comment-581)/dev
, downloading large file) (fix(backend): replace blocking functions with async functions #270)Probably more to come, suggestions welcome.
The text was updated successfully, but these errors were encountered: