happstack-authenticate looks impressive, they seem to support for Google ,
Yahoo, Live Journal, Myspace, and OpenId logins!
I'll try it.
On Fri, Mar 1, 2013 at 5:17 AM, Chris Wong
chrisyco+haskell-c...@gmail.comwrote:
On Thu, Feb 28, 2013 at 1:26 PM, Brandon Allbery allber...@gmail.com
wrote:
On 2/28/2013 11:17 PM, Chris Wong wrote:
On Wed, Feb 27, 2013 at 8:37 AM, Corentin Dupontcorentin.dup...@gmail.com
wrote:
Hi Chris,
Thanks!
That's true for the user number. What should I do? Encrypt it?
It's not that you have a user number, or even that it's accessible: it's
that it's the
Joe Quinn headprogrammingc...@gmail.com wrote:
Additionally, you can change the session hash with every page hit, to
some other totally random hash. If someone steals your session, they
had better act on it immediately, lest you visit another page and it
changes completely. If your session
Hi all,
with the mutiplayer server, the game was occasionally crashing with:
CPU time limit exceeded (core dumped)
I think it was due to some ulimit set too low, it should work better now.
BR,
C
On Wed, Feb 27, 2013 at 12:28 AM, Corentin Dupont corentin.dup...@gmail.com
wrote:
Hello
On Thu, Feb 28, 2013 at 1:26 PM, Brandon Allbery allber...@gmail.com wrote:
On Wed, Feb 27, 2013 at 8:37 AM, Corentin Dupont corentin.dup...@gmail.com
wrote:
Hi Chris,
Thanks!
That's true for the user number. What should I do? Encrypt it?
It's not that you have a user number, or even that
There's another one...
http://3.bp.blogspot.com/-0-NT1rzFpik/Tpe4sb18gOI/AuM/j2BHO_TgLi4/s1600/calvinball.jpg
Tom
On Tue, Feb 26, 2013 at 7:07 PM, Ben Lippmeier b...@ouroborus.net wrote:
On 27/02/2013, at 10:28 , Corentin Dupont corentin.dup...@gmail.com wrote:
Hello everybody!
I am
I think it would be harder to implement a computer version of 1KBWC and
Calvin ball!! Have to think of it ;)
On Wed, Feb 27, 2013 at 9:48 AM, Tom Murphy amin...@gmail.com wrote:
There's another one...
Thank you very much, that's very nice!
That was a great journey, I started Nomyx 2-3 years ago as a personal
project and learned Haskell on the way.
I went through many refactorings as my comprehension of Haskell and Nomic
progressed.
Out of the top of my head, the points that gave me some
Hi Chris,
Thanks!
That's true for the user number. What should I do? Encrypt it?
On Wed, Feb 27, 2013 at 5:02 AM, Chris Wong chrisyco+haskell-c...@gmail.com
wrote:
Hello everybody!
I am very happy to announce the beta release [1] of Nomyx, the only game
where You can change the rules.
I
The user id is not necessarily the problem, but rather that you can
impose as another user. For this, one solution is to keep track of a
unique (changing) user token in the cookies and use that for verifying
the user.
--
Mats Rauhala
MasseR
signature.asc
Description: Digital signature
Yes, having a cookie to keep track of the session if something I plan to do.
On Wed, Feb 27, 2013 at 3:16 PM, Mats Rauhala mats.rauh...@gmail.comwrote:
The user id is not necessarily the problem, but rather that you can
impose as another user. For this, one solution is to keep track of a
Note that cookies are not the solution here. Cookies are just as user
controlled as the url, just less visible. What you need is a session
id: a mapping from a non-consecutive, non-guessable, secret token to
the user id (which is sequential and thus guessable, and often exposed
in urls etc.). It
So I need to encrypt the user ID in some way? What I need is to associate
the user ID to a random number and store the association is a table?
On Wed, Feb 27, 2013 at 3:52 PM, Erik Hesselink hessel...@gmail.com wrote:
Note that cookies are not the solution here. Cookies are just as user
You could just hash it.
- Clark
On Wed, Feb 27, 2013 at 2:08 PM, Corentin Dupont
corentin.dup...@gmail.comwrote:
So I need to encrypt the user ID in some way? What I need is to
associate the user ID to a random number and store the association is a
table?
On Wed, Feb 27, 2013 at 3:52
hash is reversible or not?
On Wed, Feb 27, 2013 at 8:18 PM, Clark Gaebel cgae...@uwaterloo.ca wrote:
You could just hash it.
- Clark
On Wed, Feb 27, 2013 at 2:08 PM, Corentin Dupont
corentin.dup...@gmail.com wrote:
So I need to encrypt the user ID in some way? What I need is to
hash(id:secret) should not be reversible, if you use a cryptographic hash.
hash(id) can be brute-forced, on something with so small a range.
On Wed, Feb 27, 2013 at 11:20 AM, Corentin Dupont corentin.dup...@gmail.com
wrote:
hash is reversible or not?
On Wed, Feb 27, 2013 at 8:18 PM, Clark
Hi all,
there is quite a lot of players! Fantastic!
I proposed a rule to lower the vote quorum from unanimity to a quorum of
only 4, for the experimentation.
But still, to have this rule accepted, everybody needs to vote! Could you
please cast your vote? If you don't plan on playing, it's better
NB: being unsubscribed, you can still watch the game. It's just that you
are not anymore considered as a citizen of that game, thus not counted in
the votes.
On Wed, Feb 27, 2013 at 10:12 PM, Corentin Dupont corentin.dup...@gmail.com
wrote:
Hi all,
there is quite a lot of players! Fantastic!
I would encourage you to take a look at the snap (the web framework)
package, where this concern is handled for you as part of the session
snaplet.
The
Snap.Snaplet.Sessionhttp://hackage.haskell.org/packages/archive/snap/0.11.2/doc/html/Snap-Snaplet-Session.html
module
and the
Thanks Ozgun,
but I'm using Happstack: this will be compatible?
On Wed, Feb 27, 2013 at 10:30 PM, Ozgun Ataman ozata...@gmail.com wrote:
I would encourage you to take a look at the snap (the web framework)
package, where this concern is handled for you as part of the session
snaplet.
The
You probably can't use it directly but it should at least show you how we did
it. In particular, the Snap.Snaplet.Session.SecureCookie module (internal, I
think, so look at source) may be of interest to you as it implements the
self-contained idea of encrypted cookies.
- Oz
On Wednesday,
On Wed, Feb 27, 2013 at 8:37 AM, Corentin Dupont
corentin.dup...@gmail.comwrote:
Hi Chris,
Thanks!
That's true for the user number. What should I do? Encrypt it?
It's not that you have a user number, or even that it's accessible: it's
that it's the entirety of access control, meaning that if
Hello everybody!
I am very happy to announce the beta release [1] of Nomyx, the only game
where You can change the rules.
This is an implementation of a Nomic [2] game in Haskell (I believe the
first complete implementation). In a Nomyx game you can change the rules of
the game itself while
On 27/02/2013, at 10:28 , Corentin Dupont corentin.dup...@gmail.com wrote:
Hello everybody!
I am very happy to announce the beta release [1] of Nomyx, the only game
where You can change the rules.
Don't forget 1KBWC: http://www.corngolem.com/1kbwc/
Ben.
On Tue, Feb 26, 2013 at 3:28 PM, Corentin Dupont
corentin.dup...@gmail.comwrote:
Hello everybody!
I am very happy to announce the beta release [1] of Nomyx, the only game
where You can change the rules.
This is an implementation of a Nomic [2] game in Haskell (I believe the
first complete
Hello everybody!
I am very happy to announce the beta release [1] of Nomyx, the only game
where You can change the rules.
I just gave it a go -- it looks fun :)
However, I've spotted a security hole. The current user number is
stored in the URL -- if I change that number, I can masquerade as
26 matches
Mail list logo
