While the recommendation will always be that this server is run completely offline, we want to make sure that if a user wants to take the risk and go online, that we do some protection. i.e. the mqtt server must be limited in a way that no one can send messages unless they are trusted
Requirements:
- During app onboarding, we need to store the RRIOT information and mark it as valid.
- For all other calls, we need to generate the RRIOT information and store it.
- Users should be able to enable or disable auth.
- Users should be able to see all of the logged in instances and remove auth for one of them.
- Auth should never expire.
- Users should be able to do a code login to the server. must be their email and then a pin that they set.
Side Effect:
- Existing instances will have to reauth.
While the recommendation will always be that this server is run completely offline, we want to make sure that if a user wants to take the risk and go online, that we do some protection. i.e. the mqtt server must be limited in a way that no one can send messages unless they are trusted
Requirements:
Side Effect: