rust-client: add api-key & listen_multi_addresses #23
Conversation
rust-client/src/main.rs
Outdated
| /// Api-key used to authenticate our client at the server. | ||
| #[clap(long)] | ||
| api_key: String, |
There was a problem hiding this comment.
I don't think we should pass a secret via a command line argument. This is problematic due to:
- The secret ends up in the shell's history.
- Other users can see the secret via
/proc.
Instead I would use either an environment variable or a file where the file path can be passed as an argument.
What do you think @elenaf9?
There was a problem hiding this comment.
Good point. Reading it from env variable now (50253b0). If it is not present I am logging a warning but still continuing, in case that we ever decide to (temporarily?) disable auth again. Can also change it in a follow up PR to throw an error, if you think that makes more sense.
There was a problem hiding this comment.
Given that it is a mechanism for the server to establish trust to the client and not the other way around, I think defaulting to not using the API key is fine here. 👍
All good, I just disabled it because it understandably started failing after I did protobuf adjustments :) |
|
BTW, also LGTM, so feel free to merge :) |
Update rust-client to be compatible with the latest main:
Note: I was only able to briefly test it again our test server, where it worked as expected. Now not working anymore, most likely because of #22. I will fix this in a separate PR, but might take at bit more time.
Also re-enabled the CI since we are now compatible again, but not insisting on that. @dennis-tra in case that you prefer it being disabled while things are still changing a lot I am happy to keep it commented out.