Migrated from Redmine #975 | Author: Ðртур Чернієвич
Status: Feedback | Priority: High, I’m very impatient | Created: 2022-11-30
I am afraid that our customers will be able to change the password from the admin account and then the entire service reservation system will be broken in the mobile app, since we will not be able to receive the auth token because we need update version with new admin login/password.
We will not use self server.
Dmytro Bondarev wrote:
Hi, please explain more what you mean?
For public app you should use public API or make proxy server that will call only allowed methods of admin API.
Ðртур Чернієвич wrote:
To place an order, you need to get a clientId. Only an admin can create a client.
We will store the login and password of the admin in the application, so that from there we can send a request to create a client using a auth token. After this action client will have self clientId and can make a booking.
Our problem. I’m afraid that we can be able to change the password of admin in simplyBook.me, and then mobile app will have still old data about admin.
Dmytro Bondarev wrote:
You can make separate user and use it for API calls only.
Ðртур Чернієвич wrote:
Dmitry Bondarev wrote:
You can make separate user and use it for API calls only.
You are right. We also insist on this. We will keep our customers informed as much as possible.
Thank you, have a nice day!