Log message #4033437

# At Username Text
# May 29th 2017, 14:56 hmic and can be used to sign a hs256, as your default config adds that method in any case!
# May 29th 2017, 14:56 admad ah
# May 29th 2017, 14:55 hmic but when using rs256 the key is public
# May 29th 2017, 14:55 admad "..create a good signature with just the public key" well the key used for HS265 isn't public key. You are supposed to keep it protected.
# May 29th 2017, 14:55 admad guess i am getting old then
# May 29th 2017, 14:55 hmic both are just 1 liners, should be a minutes work
# May 29th 2017, 14:54 hmic we have talked about it here 4 weeks ago :/ you even left a comment on gh...
# May 29th 2017, 14:54 HenriqueMachado Somebody has an example of a follow system (like twitter) working on cake 3.4?
# May 29th 2017, 14:54 admad hmic: i must have missed notifications for that (or GH gobbled up notification), will check it soon
# May 29th 2017, 14:51 hmic the wrong bearer verification that does not allow basic auth to be used in conjunction with jwt is not that serve and you have provided a workaround in the issue already - while not fixing the cause back then :d
# May 29th 2017, 14:50 hmic admad: i'm talking at least this one: https://github.com/ADmad/cakephp-jwt-auth/pull/54
# May 29th 2017, 14:49 spriz but what I wanted was to ask if I misunderstood something :slightly_smiling_face:
# May 29th 2017, 14:49 spriz @admad you commented at one of the, the other one I consider rather serious compared to :)
# May 29th 2017, 14:49 hmic one is a really bad security issue!
# May 29th 2017, 14:48 admad you have made PRs? :P
# May 29th 2017, 14:48 hmic have been 4 weeks in china, still they are open :p
# May 29th 2017, 14:48 hmic why don't you pick up on my PRs?
# May 29th 2017, 14:48 hmic admad: speaking of which...
# May 29th 2017, 14:45 admad if you pushed new updates within previous 24hrs be patient
# May 29th 2017, 14:45 admad @spriz i already responded to your PRs
# May 29th 2017, 14:27 spriz ,:) *
# May 29th 2017, 14:27 spriz @hmic just keen to get feedback on a PR ,:(
# May 29th 2017, 14:26 hmic i'm not. but whats wrong spriz?
# May 29th 2017, 14:13 spriz Thanks @cleptric :raised_hands:
# May 29th 2017, 14:13 cleptric @spriz -> friendsofcake
# May 29th 2017, 14:12 spriz Any FoC/Crud maintainers around? :tada:
# May 29th 2017, 13:43 npm.i.sniggsnack +i'm
# May 29th 2017, 13:41 npm.i.sniggsnack @redvelvet thank you trying to fix this up
# May 29th 2017, 13:27 TVSET I'm an idiot ... there is no need to flatten the data ... :)
# May 29th 2017, 13:23 HenriqueMachado and this is the "follow" function: https://pastebin.com/6fWYwFiR
# May 29th 2017, 13:22 bernat npm, I'd try to put it in the model via custom finders or some filtering method, and called from the controller. Nothing in the view.
# May 29th 2017, 13:11 npm.i.sniggsnack if you guys would have a view with a list - but specific users should see specific things in that list - where would you filter the data? controller or view ? atm i'd go for the controller and give the filtered data to the view to have a minimum of "logic" in my view.. is that right?
# May 29th 2017, 13:08 chris-andre @hmic When I do update, Sessions.data is still the same. It did not change
# May 29th 2017, 13:06 HenriqueMachado Hello! What is wrog with my models? When i trie to save a "follow" a new user is added: https://pastebin.com/nvQzch2G
# May 29th 2017, 12:59 hmic thats the whole point of database sessions after all (well, you can have a simple *small* loadbalancer setup with multiple frontend webservers and a central (session) database too, but it's not a good thing to scale out further and usually not fast anyways. still you would keep the sessiondatabase server separated from your application database server in this kind of setup)
# May 29th 2017, 12:57 hmic all the data will be loaded from the database at each and every request!
# May 29th 2017, 12:57 hmic chris-andre: with database sessions you do not need to care at all!
# May 29th 2017, 12:55 slackebot bad approach? :P So, how would I flag it, and how shall I look for that flag?
# May 29th 2017, 12:55 chris-andre But okay. So critical data should be updated. Admin need to "find the session" of the logged in user if he's logged in, right? To do that I will need a join table. And to let the currently logged in user "know" that critical updates are made by admin, I have to flag it some way, and I thought SessionsUsers.flag_update (bool) could do that. And again, to make sure I don't miss that flag, I will have to query that table upon every request.
# May 29th 2017, 12:50 TVSET the print_r prints an empty array ... any idea on what I'm doing wrong?
# May 29th 2017, 12:50 chris-andre So if an admin changes a users first_name, you would care about updating. Thats not critical and can wait until next login.