Comments (7)
@jonasalexander its a start but honestly you're asking new customers to take a (somewhat) big leap here. I understand the desire to reduce friction in sign up but also my google account is a big deal to me and I have very little information about autotab to trust you and your website is extremely sparse on information about who you are. Literally anyone can write "backed by yc" on their website. Nothing actually links autotab to YC. You're not mentioned on their website. Not that YC is a stamp of security approval...
The idea that I should feel comfortable putting my google credentials in a yml file on disk that 3rd party code then reads and then auto-login to your service for me is honestly a deal breaker. I like the idea for this product which is why I'm giving you feedback. I read through the code in this repo and nothing looks sketchy but your chrome extension is minified / uglified so I actually have no idea what its doing with my credentials that are being passed around. This is just not how auth is done.
Why not have me oauth from autotab.com and generate an api key that I can then enter into the chrome extension?
Slightly more work but like I don't have to trust you with my credentials.
from autotab-starter.
Thanks for the feedback, I appreciate it!
It is confusing - for the record I am part of YC (the last batch, summer 23 - was previously working on ZTool and haven't updated it yet but you can see my face here https://www.ycombinator.com/companies/ztool).
The only place we use the credentials during autotab record
is here: https://github.com/Planetary-Computers/autotab-starter/blob/main/src/utils/open_plugin.py. You can either just comment that function out or set record_mode=False
in get_driver
in record.py
(here:
Line 8 in b56108e
.example.autotab.yaml
as your .autotab.yaml
and you're ready to go, 0 credentials shared. You will have to manually open the extension in the Selenium-controlled browser and you will still need sign in to autotab with Google but no credentials are shared, you're just through the standard Google auth flow.
All that said I agree that an API key would be smoother! Definitely a thing I'd like to build soon
from autotab-starter.
@davidbenhaim You can now go to https://www.autotab.com/dashboard, get your API key and then just set the autotab_api_key
in your .autotab.yaml file locally! No more Google credentials within 100 feet of autotab. :)
from autotab-starter.
Great question! We currently only allow log in with Google to log in to autotab itself, but plan to build login with email/password and other third party options.
from autotab-starter.
ah thanks. Ok. It was very unclear why I was being asked to sign in to google. The autotab website, readme, and code in this repo don't mention logging in to autotab or why it is required? My first take on why was that the code logged me in to google was as a demo for the tool not for auth for autotab. Its unclear what autotab actually is.
from autotab-starter.
Wdyt, does this help clarify? #9. Anything you would add?
autotab is for turning your browser actions into Selenium code!
from autotab-starter.
thanks @jonasalexander I will re-try with these changes.
from autotab-starter.
Related Issues (12)
- Couldn't install on Linux properly HOT 10
- Server error: 401 HOT 2
- Failing to authenticate on "Couldn't sign you in". HOT 2
- AttributeError: module 'main' has no attribute 'main' HOT 3
- Running autotab record throws python error HOT 6
- windows installation HOT 1
- ModuleNotFoundError: 'distutils' on M1 following `make install`
- Couldn't run on Mac M1 HOT 1
- https://www.autotab.com/dashboard doesnt work HOT 1
- Could not find .example.autotab.yaml HOT 1
- Docker + Browserless ? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from autotab-starter.