Hi everyone, I have some problems with the WebRPC API. I am developing software that would pull users credit information from each project.
The problem I have is accessing that credit information using their e-mail address. It has to be e-mail address so that I can confirm the owner of the credit is the same owner as the e-mail. (Sending them an e-mail activation link). Then use the user id to access the show_user call. The only other way to get credit information is requiring the authentication string. Currently the only way to confirm email to userid is using the authentication string with am_get_info. Since the authentication string contains the users e-mail this is redundant. The authentication should not be required because it is an obvious security flaw as it exposes their accounts entirely to me. I should be able to confirm the userid to email without requiring the authentication string. Then use the userid to lookup credit information. EG: project/[email protected] Should return: <account_out> <userid>123</userid> <success/> </account_out> This would allow me to accept emailAddress and userID at a third party website, and confirm that they are connected within your project. Thanks in advance, Greg _______________________________________________ boinc_dev mailing list [email protected] https://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
