-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Join share by opening a shared folder invite link #1474
Comments
Hey team! Please add your planning poker estimate with ZenHub @RyRy79261 @tanmoyAtb @Tbaut |
So if i'm getting this right, under all circumstances a user must create a files account to view content from a shared link. And this is considered technically publicly accessible as long as the user has a files account. Is that correct? |
Thats right - the link is an "permission slip" to our backend instructing it to add the bearer to the list of readers/writers of a particular bucket. Before this token can be utilized a user needs to have a key pair associated with their credentials, which can only happen after registration. |
Not sure what we want to show once we passed the login, maybe a dedicated page with a loader "you're being added to XYZ" |
Closed in #1620 |
A user who receives this link (after login) is directed to a page that will parse this link, extract the encryption key, encrypt the key with their pubKey.
In the event of a user not being logged in the login page should notify the user that they need to log in to access the shared content.
This page will then make an API request presenting the encryptedEncryptionKey, and the JWT.
The API will validate the JWT, make sure it was signed by the Shared Folder owner, and if all this info matches up, then the user making the request is added to the share.
The app would redirect the user to /shared/{bucketId}/
The text was updated successfully, but these errors were encountered: