I am starting to implement app-specific auth tokens/passwords.
I started adding some additional features to further increase the security of tokens:
- Reporting API, and/or
- admin access (but not super user)
Of course, this way you could create different combinations of tokens to lower the risk a lot, eg
This way, even if a tracker gets the token, the scope of what they can do is quite restricted.
It's tricky to implement though. E.g. we would likely need to use a completely different
Access class depending on whether the user is authenticated through the UI or through token_auth. It might be mostly done by maybe changing the behaviour of
Access::loadSitesIfNeeded, but I'm not sure. Also we would need to check in various places, e.g. in
API::index(), whether the token is allowed for the current scope etc.
Figured I'd create a separate issue for now to simplify #6559.
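For illustration, here is an added sketch (example code, not Piwik's own implementation) of how scoped app tokens along the lines described in the issue could be checked at the API entry point. It assumes a hypothetical token store that keeps only a hash of each token together with its granted scopes and site IDs, a token-backed access object that never grants superuser, and a hypothetical map from API method names to the scope each requires. All class, constant and function names are made up for the example; requires PHP 8.1+.

```php
<?php
// Added example, not Piwik's code. Scoped app-specific tokens:
// a token grants a subset of scopes (reporting API / admin access,
// never superuser) on a fixed set of site IDs, and every API call is
// checked against that scope before dispatch. All names are hypothetical.

declare(strict_types=1);

const SCOPE_REPORTING = 'reporting'; // read-only reporting API
const SCOPE_ADMIN     = 'admin';     // admin access, but not superuser

final class TokenRecord
{
    public function __construct(
        public readonly string $login,
        public readonly string $secretHash, // hash of the token, never the token itself
        public readonly array $scopes,      // subset of [SCOPE_REPORTING, SCOPE_ADMIN]
        public readonly array $siteIds,     // sites this token may act on
    ) {}
}

final class TokenStore
{
    /** @var TokenRecord[] */
    private array $records = [];

    // Issue a fresh token: store only its hash, return the secret once.
    public function issue(string $login, array $scopes, array $siteIds): string
    {
        $secret = bin2hex(random_bytes(32));
        $this->records[] = new TokenRecord($login, hash('sha256', $secret), $scopes, $siteIds);
        return $secret;
    }

    // Constant-time comparison of the hashed presented token against stored hashes.
    public function lookup(string $secret): ?TokenRecord
    {
        $presented = hash('sha256', $secret);
        foreach ($this->records as $record) {
            if (hash_equals($record->secretHash, $presented)) {
                return $record;
            }
        }
        return null;
    }
}

// Access object built from a token rather than from a UI session.
// This is the "different Access class for token_auth" idea: its answers
// come only from the token record, so superuser is never reachable.
final class TokenAccess
{
    public function __construct(private readonly TokenRecord $token) {}

    public function hasScope(string $scope): bool
    {
        return in_array($scope, $this->token->scopes, true);
    }

    public function canAccessSite(int $idSite): bool
    {
        return in_array($idSite, $this->token->siteIds, true);
    }

    public function isSuperUser(): bool
    {
        return false;
    }
}

// Hypothetical mapping of API methods to the scope they require.
// null means superuser-only: no app token may ever call it.
const METHOD_SCOPES = [
    'VisitsSummary.get'       => SCOPE_REPORTING,
    'SitesManager.updateSite' => SCOPE_ADMIN,
    'UsersManager.addUser'    => null,
];

// The check an API entry point (cf. API::index()) would run before dispatching.
function authorizeApiCall(TokenStore $store, string $tokenAuth, string $method, int $idSite): bool
{
    $record = $store->lookup($tokenAuth);
    if ($record === null) {
        return false; // unknown or revoked token
    }
    $access   = new TokenAccess($record);
    $required = METHOD_SCOPES[$method] ?? null;
    if ($required === null) {
        return false; // unknown method, or superuser-only: fail closed
    }
    return $access->hasScope($required) && $access->canAccessSite($idSite);
}

// Usage: a reporting-only token for sites 1 and 2.
$store         = new TokenStore();
$reportingOnly = $store->issue('alice', [SCOPE_REPORTING], [1, 2]);

var_dump(authorizeApiCall($store, $reportingOnly, 'VisitsSummary.get', 1));
var_dump(authorizeApiCall($store, $reportingOnly, 'SitesManager.updateSite', 1));
var_dump(authorizeApiCall($store, $reportingOnly, 'VisitsSummary.get', 3));
var_dump(authorizeApiCall($store, $reportingOnly, 'UsersManager.addUser', 1));
```

The design point is that the scope decision is made once, centrally, from the token record alone: a reporting token is refused for an admin method, for a site outside its list, and for anything superuser-only, so a leaked token cannot be escalated beyond what it was issued for. Unknown methods fail closed rather than falling back to the full user permissions.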