Prateek
NNovu
•Created by Prateek on 10/25/2024 in #💬│support
Why Novu Web Widget stores auth_token in local storage?
I don't understand why Novu Web Widget needs to store the auth token for APIs like /feed, /unread etc in local storage.
This is not a good practice, since someone running a malacious script in any app (where we are using Novu Widget) can copy local storage contents to their server
The Novu token then allows the attacker to access all notification data of the subscriber.
Is there a way where the web widget can avoid local storage altogether or the only approach is to have our own implementation of web widget of Novu?
5 replies
NNovu
•Created by Prateek on 10/27/2023 in #💬│support
Send an in-app notifcation to all people in cc of an email
For cases when I want to send a single email to a user A in ‘to’ and 3 users in CC: [B,C,D] and also 4 individual in-app notifications to A,B,C,D, achieving this with a single workflow doesn’t look possible. The only possibility we found is creating 2 different workflows with a single step in each (one workflow has an email channel while other has an in-app channel).
The problem with this flow - if these workflows are enabled in preferences (not marked as critical) then the customer will see 2 workflows on their end which are essentially same and they will have to either turn off both or turn on both to stop receiving or continue receiving these notifications.
Any ideas how one can acheive this?
6 replies