~gloatingfiddle

Atlanta, GA

https://fosstodon.org/@dathagerty

A Go Developer who dabbles in Rust.

My tools are zsh and vim (Neovim to be specific). Sometimes JetBrains IDEs (CLion and GoLand).

~gloatingfiddle/kennedy-discuss

Last active 2 years ago

~gloatingfiddle/kennedy-devel

Last active 2 years ago

~gloatingfiddle/kennedy-announce

Last active 2 years ago

~gloatingfiddle/roguewin-discuss

Last active 2 years ago

~gloatingfiddle/roguewin-devel

Last active 2 years ago

~gloatingfiddle/roguewin-announce

Last active 2 years ago

~gloatingfiddle/atonement-announce

Last active 2 years ago

~gloatingfiddle/atonement-devel

Last active 2 years ago

~gloatingfiddle/atonement-discuss

Last active 2 years ago

~gloatingfiddle/atonement-release

Last active 2 years ago
View more

Recent activity

Re: GraphQL API security review 2 years ago

From David Hagerty to ~sircmpwn/sr.ht-dev 

On Tue Sep 15, 2020 at 11:19 AM EDT, Drew DeVault wrote:
> Expiry is a Unix timestamp set 1 year in the future from token issuance.

If no one else has qualms about that expiry length on tokens, I
understand, but I personally get a little nervous with long-lived tokens
like this. If a token becomes compromised, that's a much longer span of
time where it can be used maliciously.

When I've developed APIs for my employer, the advice has been
to go for shorter expiries, on the order of a month.