Flyspray - The bug killer!

  • Status New
  • Percent Complete
    0%
  • Task Type Feature Request
  • Category Backend/Core
  • Assigned To No-one
  • Operating System All
  • Severity Medium
  • Priority Very Low
  • Reported Version 1.0 devel (github master)
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Flyspray - The bug killer!
Opened by peterdd - 21.01.2019

FS#2536 - store session in Flyspray database

Currently the sessions are stored by the webservers default settings.

Having this sessions under control by Flyspray by storing it in the database has following advantages:

  1. Allows handling of all sessions of a user by Flyspray.
  2. Providing a session management for each user. The user can see on which devices he is currently logged in and could also force a logout on selective devices.
  3. A forced logoff of all or some user sessions is easy implementable for admins.
  4. Statistics about how many users and who is logged in. (user status: hide always, online, offline, do not disturb, ..)
  5. Could make onpage-notifications easier to implement.
  6. .. ?

Disadvantages:

  1. A potential unknown security bug in Flyspray that could lead to reading a session db table could leak informations like who is currently online/active and make further attacks more focused or makes session takeover easier.
  2. .. ?

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing