Mint Forum

Extra security measure - clicking preferences should ask for fresh login

hesido
Minted
Posted on Feb 07, '07 at 09:42 am

Now, I do not let my visitors see my mint stats. We have a few computers in our workplace shared by many.

I regularly check Mint and I like to see it immediately without logging in each time, and I have no problems that my colleagues see the stats either. But it’d be a problem if someone changed my preferences!

I like Mint remembering my cookie several hours later, but the preferences entry should be controlled by a separate cookie, which should have a time / or document close constraint.

Cloggin
Minted
Posted on Feb 07, '07 at 11:47 am

Hey open preferences, and under the login change, there’s a checkbox that you select to ‘allow anyone’ to see Mint - that way, the preferences button DOES turn into a login button.

Try that and let me know

Cloggin
Minted
Posted on Feb 07, '07 at 11:48 am

I’ll add: they’ll see the same layout you see, but won’t be able to change up which peppers are viewable, (disabled vs enabled), they’ll have to login for that.

I’ve posted before about possibly adding multiple logins, but that’s not something Mint is going to support. If you’re looking for a similar solution to multiple logins, enabling client mode and dropping mint into a pass-protected portion of your domain (or subdomain) would be best.

Shaun Inman
Mint/Pepper Developer
Posted on Feb 07, '07 at 12:27 pm

You cannot put Mint in a password protected directory. That will prevent Mint from tracking anyone who isn’t authorized to view that directory (and they’ll see a browser generated login/password alert on every page view).

There’s a less-software solution to this problem: Logout when you are done using Mint (most browsers can auto-complete the login form the next time you return) or learn to trust your colleagues.

The way Mint handles login isn’t going to change.

hesido
Minted
Posted on Feb 07, '07 at 12:49 pm

Cloggin, Shaun, thanks for taking your time to post.

Cloggin, I still do not want my ordinary visitors to see my mint, don’t want the extra overhead.

Shaun: Multiple logins are not necessary for what I am asking, but a cookie based allow / expire should suffice for the preferences part, that is, stats part would allow indefinite login like now, but preferences part would check for last login time and would ask for a fresh login for the session, using the very same password.

I actually do trust my colleagues, it is just that they are clueless about computers, and they may break anything anytime! (I am working in a hospital). Also allowing for indefinite login is a security problem no matter what, even when you have the best computer practices like logging out etc, computer may crash before you can log out, you might have to rush for an emergency situation (which does happen a lot in a hospital setting :) ) and more examples could be given.

The solution does/should not require any complicated programming or a major revision of Mint login handling code, I suppose, just a cookie check based on time would be nice.

Re-logging in to change the preferences values in non-visitor mode seems like a good idea, tho, that’d take care of the security issue, if I understood you correctly in the “I’ll add..” part.

Is it possible to put a .htaccess login on the preferences path? http://yoursite.com/mint/?preferences is how it appears but what if you put a password on to that exact link? Or the actual direct path to preferences, whatever it is.

It’s probably a stupid idea but I thought I’d throw it into the hat.
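The time-limited preferences cookie proposed earlier in the thread, sketched as an added example that is not part of any post here and is not Mint's code: the long-lived login still opens the stats, while preferences also require a signed, short-lived cookie issued right after the password is re-entered. The cookie name, the 15-minute window, the token layout and all function names are assumptions.

```python
import hashlib
import hmac
import time

FRESH_WINDOW = 15 * 60              # assumed: seconds a password entry stays fresh
COOKIE_NAME = "mint_prefs_fresh"    # hypothetical cookie name


def _mac(key, session_id, issued):
    # Bind the tag to the login session so a cookie copied from
    # another session does not verify.
    msg = f"prefs|{session_id}|{issued}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def issue_fresh_cookie(key, session_id, now=None):
    """Call only after the password has just been re-entered and checked."""
    issued = int(time.time() if now is None else now)
    return f"{issued}.{_mac(key, session_id, issued)}"


def set_cookie_header(value):
    # No Expires/Max-Age: the browser drops it when it closes, which is
    # the "document close" constraint; the server enforces the time limit.
    return f"{COOKIE_NAME}={value}; Path=/mint/; HttpOnly; Secure; SameSite=Strict"


def may_edit_preferences(key, session_id, cookie, now=None):
    now = time.time() if now is None else now
    try:
        issued_s, tag = cookie.split(".", 1)
        issued = int(issued_s)
    except (AttributeError, ValueError):
        return False                # missing or malformed cookie
    expected = _mac(key, session_id, issued)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False                # forged, edited, or from another session
    return 0 <= now - issued <= FRESH_WINDOW


def decide(wants_preferences, logged_in, fresh):
    # Stats need only the long-lived login; preferences also need freshness.
    if not logged_in:
        return "login"
    if wants_preferences and not fresh:
        return "reauth"
    return "allow"
```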

hesido
Minted
Posted on Feb 09, '07 at 05:38 am

@giginger: I don’t think that’s possible. I’d have hoped Shaun would have more to say on security than teaching us to trust colleagues. I mean, come on :)

Doug W
Minted
Posted on Apr 12, '07 at 12:34 pm

I’d like multiple logins only because I want one configuration for my mobile device. Anyone working on a solution that will run mint in single-column mode at 320 wide? It is a pain to have to constantly switch back and forth.
