adding some details in the readme

This commit is contained in:
neil 2020-08-31 09:20:49 +00:00
parent f5fa03fdaa
commit 6d52e01ba1
1 changed files with 1 additions and 1 deletions

View File

@ -9,7 +9,7 @@ It is meant to make form creation easier, through the use of the [Nextcloud Form
I really used black voodoo magic on this one.
This software acts as a **proxy** between the client and the Nextcloud instance. Here are some of its features :
- When a link is created from the main page, sncf connects to the Nextcloud API and creates an account with a random username and password. Those credentials are stored in its SQLite database, along with a randomly-generated token.
- When a link is created from the main page, sncf connects to the Nextcloud API and creates an account with a random username and password. Those credentials are stored in its SQLite database, along with a randomly-generated token (used in the administration link).
- When an administration link is used, sncf uses its database to find the associated username and password, then fills the login form on the Nextcloud instance (taking in account its CSRF token) and proxies the generated `Set-Cookie` headers to the client (to log the user in), then redirects it to the Forms app.
- When a form is created, sncf automatically forges a request to update some fields in the form (set isAnonymous to true, for instance). Those parameters can't be changed by the client.
- When a form is updated, sncf parses the requests before proxying it in order to prevent the client to edit some specific fields (isAnonymous or form access policy, which must not set to allow the users of the same instance to see the form). If an unwanted request is made, sncf does not proxy it.