• Corgana@startrek.website
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Dang, phtn.app is nicer than vger.app on desktop! How do “apps” like this work as far as privacy goes? Are you storing user logins/passwords? Or is it “passed though”?

    • Xylight (Photon dev)@lemmy.xylight.dev
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      The client doesn’t store passwords at all, but the client does store your token in localStorage (it’s necessary so that we can make authenticated requests). The only way your account could get hacked is if they gain access to your browser and look through localStorage. If they have access to your computer, you have other problems though. If they do gain access, you can invalidate the JWT by changing your password.