~gloatingfiddle

Atlanta, GA

https://dathagerty.com

A Go Developer who dabbles in Rust.

My tools are zsh and vim (Neovim to be specific). Sometimes JetBrains IDEs (CLion and GoLand).

~gloatingfiddle/kennedy-discuss

Last active 23 days ago

~gloatingfiddle/kennedy-devel

Last active 23 days ago

~gloatingfiddle/kennedy-announce

Last active 23 days ago

~gloatingfiddle/roguewin-discuss

Last active 2 months ago

~gloatingfiddle/roguewin-devel

Last active 2 months ago

~gloatingfiddle/roguewin-announce

Last active 2 months ago

~gloatingfiddle/atonement-announce

Last active 4 months ago

~gloatingfiddle/gochat-discuss

Last active 5 months ago

~gloatingfiddle/gochat-announce

Last active 5 months ago

~gloatingfiddle/atonement-devel

Last active 5 months ago
View more

Recent activity

Re: GraphQL API security review a month ago

From David Hagerty to ~sircmpwn/sr.ht-dev

On Tue Sep 15, 2020 at 11:19 AM EDT, Drew DeVault wrote:
> Expiry is a Unix timestamp set 1 year in the future from token issuance.

If no one else has qualms about that expiry length on tokens, I
understand, but I personally get a little nervous with long-lived tokens
like this. If a token becomes compromised, that's a much longer span of
time where it can be used maliciously.

When I've developed APIs for my employer, the advice has been
to go for shorter expiries, on the order of a month.