alexandrtovmach/react-twitter-login

needless permissions

Opened this issue · 3 comments

Hello, I see in the demo that a gigantic number of permissions is being automatically requested:

This application will be able to:

* See Tweets from your timeline (including protected Tweets) as well as your Lists and collections.
* See your Twitter profile information and account settings.
* See accounts you follow, mute, and block.
* Follow and unfollow accounts for you.
* Update your profile and account settings.
* Post and delete Tweets for you, and engage with Tweets posted by others (Like, un-Like, or reply to a Tweet, Retweet, etc.) for you.
* Create, manage, and delete Lists and collections for you.
* Mute, block, and report accounts for you.

Now if I was an end user, and was using my Twitter account merely to log into another website, I would never ever proceed with this kind of blanket permission.

So - please reduce the automatic permissions requested to the bare minimum and/or allow us to select the set of permissions as props.

Thank you for the issue. I'm busy now and haven't had a chance to work on that, so any PR is welcome.

sar commented

Certainly agree!

`this.propTypes: { ...Scopes }` interface would be ideal in balancing user privacy with app specific needs.

By default, writable engagement scopes are granted to apps in the Twitter Developer Portal. For a quick workaround, this can be reduced to readable properties which will grant:

* See Tweets from your timeline (including protected Tweets) as well as your Lists and collections.
* See your Twitter profile information and account settings.
* See accounts you follow, mute, and block.
* (Optional Extended Property) See your email address.

Looking forward to testing PR contributions as well.

This package should not be used in production, so it's not something critical, I suppose.
Anyway, I totally agree with you that a "scope" property will be a good enhancement, I just haven't had time for it)
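
The portal workaround and the "scope" property discussed above could both be backed by Twitter's documented `x_auth_access_type` parameter on `POST oauth/request_token`, which accepts `read` or `write`. The sketch below is an added example, not code from react-twitter-login or its author: it assumes the OAuth 1.0a request-token step, and the `accessType` option name, the key, secret, callback, nonce and timestamp values are hypothetical or constructed.

```javascript
const crypto = require("crypto");

const REQUEST_TOKEN_URL = "https://api.twitter.com/oauth/request_token";

// RFC 3986 percent-encoding as OAuth 1.0a requires
// (encodeURIComponent alone leaves !*'() unescaped).
function pct(s) {
  return encodeURIComponent(s).replace(/[!*'()]/g,
    (c) => "%" + c.charCodeAt(0).toString(16).toUpperCase());
}

// Signature base string: METHOD & encoded URL & encoded, sorted parameter string.
function baseString(method, url, params) {
  const pairs = Object.entries(params)
    .map(([k, v]) => [pct(k), pct(v)])
    .sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
    .map(([k, v]) => `${k}=${v}`)
    .join("&");
  return [method.toUpperCase(), pct(url), pct(pairs)].join("&");
}

// Build signed request_token parameters. `accessType` stands in for the
// hypothetical "scope" prop and defaults to the least-privileged value.
function buildRequestTokenParams({ consumerKey, consumerSecret, callback,
                                   accessType = "read", nonce, timestamp }) {
  if (accessType !== "read" && accessType !== "write") {
    throw new Error(`unsupported access type: ${accessType}`);
  }
  const params = {
    oauth_callback: callback,
    oauth_consumer_key: consumerKey,
    oauth_nonce: nonce || crypto.randomBytes(16).toString("hex"),
    oauth_signature_method: "HMAC-SHA1",
    oauth_timestamp: String(timestamp || Math.floor(Date.now() / 1000)),
    oauth_version: "1.0",
    x_auth_access_type: accessType, // covered by the signature, so it cannot be altered in transit
  };
  // No token secret exists yet at this step, so the signing key ends in a bare "&".
  const key = `${pct(consumerSecret)}&`;
  const oauth_signature = crypto.createHmac("sha1", key)
    .update(baseString("POST", REQUEST_TOKEN_URL, params))
    .digest("base64");
  return { ...params, oauth_signature };
}
```

The consumer secret is used for signing here, so this step belongs on a server rather than in a browser bundle.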