BugBlocker/lotus

Enhancement Request: Improving Authentication Scanning Process

knassar702 opened this issue · 1 comment

Currently, the usage of custom headers such as Cookies or X-API for authentication scanning falls short in effectively enhancing the process. To address this limitation, we propose the addition of additional functions to the input-handler script that can better control the authentication flow.

We suggest the inclusion of two specific functions to augment the authentication process:

  • Login Function: This function would facilitate the authentication by handling the login process. By integrating this function into the input-handler script, we can ensure that the scanner is authenticated before proceeding with the scanning activities.

  • Logout Check Function: This function would be responsible for verifying whether the scanner has been logged out or not. By periodically checking the authentication status, we can detect any unexpected logout events and take appropriate actions accordingly.

By implementing these additional functions, we aim to enhance the overall authentication scanning process, providing better control and ensuring the scanner's uninterrupted access to the necessary resources.

We welcome any feedback or suggestions regarding these proposed enhancements and are open to further discussions on how to improve the authentication scanning mechanism.

UPDATE: Since Lotus is focusing on performance, instead of running the logout check function after every request, we can execute that function using the "--requests-limit" option. This option will cause Lotus to sleep and run the Lua function.
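The flow proposed above (a login hook, plus a logout check run once per request batch rather than after every request), sketched as an added example that is not part of the original issue and not Lotus code. `FakeTarget`, `is_logged_out`, `scan`, the `/account` probe path and the request-count session expiry are all assumptions made so the run is deterministic. It also shows what batching costs: requests sent between two checks may have been answered by the login page, so the batch is replayed after re-authentication.

```python
# Added illustration. All names are hypothetical; none of this is Lotus's API.

class FakeTarget:
    """Constructed stand-in for an app that revokes a session after `ttl` requests."""
    def __init__(self, ttl):
        self.ttl, self.left, self.issued = ttl, {}, 0

    def login(self):
        self.issued += 1
        token = f"session-{self.issued}"
        self.left[token] = self.ttl
        return token

    def get(self, token, path):
        if self.left.get(token, 0) <= 0:
            return 302                     # bounced to the login page
        self.left[token] -= 1
        return 200


def is_logged_out(target, token):
    """Logout check hook: request a page only an authenticated user can load."""
    return target.get(token, "/account") != 200


def scan(target, paths, requests_limit, replay=True, max_logins=10):
    """Send `paths`, running the logout check once per `requests_limit` requests."""
    token, logins = target.login(), 1
    queue, batch, results = list(paths), [], {}
    while queue:
        path = queue.pop(0)
        results[path] = target.get(token, path)
        batch.append(path)
        if len(batch) >= requests_limit or not queue:
            if is_logged_out(target, token):
                if logins >= max_logins:   # session cannot outlive one batch
                    raise RuntimeError("session keeps expiring; lower requests_limit")
                token, logins = target.login(), logins + 1
                if replay:
                    # Anything sent since the last good check may have been
                    # answered by the login page, so send the batch again.
                    queue = batch + queue
            batch = []
    return results, logins


PATHS = [f"/p{i}" for i in range(10)]      # constructed sample input
```

With `replay=False` the scanner still re-authenticates, but the responses recorded while the session was dead stay in the results as login redirects, which is how an authenticated scan silently loses coverage.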