API Token Security

  • Hi!

    Thanks for the amazing plugin.

    Would you consider providing the ability to add the API Token for v6 via a wp-config.php definition?

    Would be lovely to avoid storing it in the database in plain text and having it available on the settings screen, even after it’s been entered.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Matt Keys

    (@mattkeys)

    Yes this is something I’m open to, and variations of this have been suggested. I do not have an ETA for the next version of this plugin currently.

    Thread Starter squarecandy

    (@squarecandy)

    Thanks for considering it! No timelines expected on a free plugin, just wanted to log the suggestion.

    For kits intended for use on only one site, the security issue can be mitigated by restricting to a certain domain. But we have some cases where we want to keep it open so we can let a bunch of domains make use without having to login to fontawesome.com and allow each one individually.

    Plugin Author Matt Keys

    (@mattkeys)

    FYI, I ended up spending some time on this tonight along with a few other updates I’ve been sitting on. It’s currently in version 4.0.7 of this plugin. I haven’t fully launched that version yet but it can be downloaded here:

    https://www.ads-software.com/plugins/advanced-custom-fields-font-awesome/advanced/

    Go to “ADVANCED OPTIONS” and download the “Development Version” if you are able to test it out.

    It isn’t 100% what you asked for (a constant to be defined in wp-config). It uses a WordPress filter to set this value, as well as potentially the kit token for people who want to preconfigure that as well.

    From the changelog:

    • Added filter (ACFFA_fa_api_key) to allow for the ability to programmatically set the FontAwesome API key.
    • Added filter (ACFFA_fa_kit_token) to allow for the ability to programmatically set the FontAwesome kit token.
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘API Token Security’ is closed to new replies.