fmrt94 Posted October 7, 2016 Share Posted October 7, 2016 HelloI am working on a mobile app, that listen for new products and other information of the store.To recibe the data, I'm using the PrestaShop API. To get some information of the client, the token access have the permission to get the clients. In theory I only should take the information of one client; But in essence the app can retrieve information about all clients. ( I see a security problem here.) So, should I create an intermediate service that limits the information that the clients recieves? --> The mobile app only should have access to the logged client information!Thanks Link to comment Share on other sites More sharing options...
Daniel Patilea Posted October 7, 2016 Share Posted October 7, 2016 Hello I am working on a mobile app, that listen for new products and other information of the store. To recibe the data, I'm using the PrestaShop API. To get some information of the client, the token access have the permission to get the clients. In theory I only should take the information of one client; But in essence the app can retrieve information about all clients. ( I see a security problem here.) So, should I create an intermediate service that limits the information that the clients recieves? --> The mobile app only should have access to the logged client information! Thanks Check the Webservice documentation here and here Link to comment Share on other sites More sharing options...
fmrt94 Posted October 13, 2016 Author Share Posted October 13, 2016 Great! With PrestaShop-webservice-lib I'm going to isolate the access like i want.Thanks!!! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now