Skip to content
This repository has been archived by the owner on Aug 19, 2024. It is now read-only.

Latest commit

 

History

History
11 lines (11 loc) · 1.05 KB

todo.md

File metadata and controls

11 lines (11 loc) · 1.05 KB
Raw

Roads-Starter: TODO

  1. Bring over some of the improvements from dd: template reloading, live static file reloading, more?
  2. Bring jsExample up to date with TS example (and maybe share some files such as the config, templates and static)
  3. Fix the awful "hasKey" stuff for config. Error should report the key, and there shouldn't be any code duplication
  4. Improve session security: https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html (http only cookie, no identifyable info in the token, make it random and map to server side blob)
  5. Move db connection out of the api constructor, and into something that can be injected
  6. Maybe rethink the project idea? This feels convoluted. Maybe we can take the user routes out and into a different file, or even different package.
  7. Get a roads github project set up, and maybe a roads npm org too.
  8. Flush commit history and reset from a clean start to kill any old keys
  9. Move csrf token stuff into core roads
  10. json schema based config validation, instead of this awful hasAllKeys function