I have ran into what appears to be a large security issue with QuickConnect and was wondering if this was a known issue or if there is some work around.
So lets say i created a user named "bob" with password "123" using the quick register method. That is all fine i can't login to bob without knowing his password using the quickconnect method.
But, if i use the connect method i can simply say the user is "simplebob" provide no password and i am given access to that account.
Right now i am using connect and just rolling my own validation with the server.That also means i will have to wrap simple commands, such as debit into the server as well because the server doesn't know what method the user connected by.