Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a new "Session" Authentication type #1163

Closed
Badgerati opened this issue Oct 8, 2023 · 1 comment · Fixed by #1166
Closed

Add a new "Session" Authentication type #1163

Badgerati opened this issue Oct 8, 2023 · 1 comment · Fixed by #1166
Assignees
@Badgerati
Labels
enhancement ⬆️
Milestone
2.9.0

Comments

@Badgerati
Copy link
Owner

Describe the Change

A new special "Session" authentication type should be added, where the authentication simply expects a Session to be present otherwise a 401, or redirect to login, is returned.

This will help with scenarios where you want either Form, or AzureAD, or Basic authentication - and the user can pick the one they want to use. In this scenario, you'd have 3 login routes that would trigger the appropriate authentication flow, and on success a valid Session will be set on the Request. The Routes can use the Session authentication to verify a valid session, since there's no way to check for either of the 3 above auth methods in an sensible manner - even with the new Merge-PodeAuth, because of OAuth2 redirecting.

My thinking is to just have a new Add-PodeSessionAuth (in Sessions.ps1). This will setup auth to check/grab the session from the pode.sid cookie/header, if it's not there return 401/redirect to login, and if it is present set the auth'd user object appropriately.

If sessions are in used, return a 401. If the session has not auth'd user return a 401 as well.
@Badgerati Badgerati added this to the 2.9.0 milestone Oct 8, 2023
@Badgerati Badgerati self-assigned this Oct 8, 2023
@Badgerati
Copy link
Owner Author

Badgerati commented Oct 8, 2023
edited

Changing to Add-PodeAuthSession, just so it's inline with Add-PodeAuthWindowsAd, Add-PodeAuthIIS, etc.

Badgerati added a commit that referenced this issue Oct 8, 2023
@Badgerati
#1163: add initial session auth func
cd66136
Badgerati added a commit that referenced this issue Oct 11, 2023
@Badgerati
#1163: slight rewrite of access logic: move to own file out of auth, …
30fe4a9 
…make own middleware, update docs and examples
@Badgerati Badgerati mentioned this issue Oct 12, 2023
Merged
@Badgerati Badgerati mentioned this issue Oct 25, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Badgerati Badgerati

Labels
enhancement ⬆️
Projects
🚀 Pode Roadmap
Status: Done
Milestone
2.9.0
Development

Successfully merging a pull request may close this issue.

Adds Session Authentication, and Refactor Authorisation Badgerati/Pode
1 participant
@Badgerati