[WUT] Adam: I was talking with Robot and we were discussing the possibility of a makeshift JWT authentication system for Applab and utilizing record tables to send POST requests. The idea was that the user would send a normal GET request using getImageData with either the username and password or the user ID as payload to the backend. The server would send back the usual response - a status code, some body data, and more importantly, a key that would be used to encrypt messages.
When any data gets transferred, the key shifts to something new so that the messages between the user and backend stay secure. Your users' data also stays secure, as all the storage would be hidden and decentralized. Since it would be handled by the hosted server, you could monitor all the actions with a REAL audit log, and even have saved backups.
It sounds like a lot to do, but it's very straightforward (in theory); a lot of it I'd already done in my Photop in CDO mini-project. I could make a quick example if you'd like to see how it actually works.