We need to tackle this as this is a major blocker for anyone who wants to use Ragna in production. There is currently no way to use the UI with any login method other than username and password. However, to be able to log in with OAuth or the like, we cannot keep our current login endpoint on the REST API. Thus, we need a larger refactor here.
The scheme that I have in mind is that the API gets a GET /login endpoint that serves user-defined HTML. From there the user can either hit POST /login, i.e. for form data when logging in with basic auth, or GET /oauth-callback if such a scheme is used.
Internally, both endpoints funnel back into a user-defined function that validates the login and returns the username that we ultimately store in our DB.
We then redirect to a yet-to-be-designed HTML page that gives the user the option to forge a JWT that includes the user ID.
This JWT is then used as authorization header for the API as well as cookie for the UI.
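The flow proposed in the comment above, as an added example that is not part of the issue or of Ragna's code: both login routes funnel into one user-defined `validate`, the returned username goes into a signed JWT, and the same token is accepted from the `Authorization` header (API) or a cookie (UI). The names `DemoAuth`, `validate`, `login`, `current_user`, the cookie name `ragna_token`, the HS256 signing and the sample credentials are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: real key comes from deployment config

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

class DemoAuth:  # hypothetical user-defined authentication class, not Ragna's API
    USERS = {"alice": "correct horse"}  # constructed; real code checks a hash or an IdP
    def validate(self, credentials: dict):
        # Single funnel for POST /login and GET /oauth-callback: username or None.
        expected = self.USERS.get(credentials.get("username", ""))
        supplied = credentials.get("password", "")
        if expected and hmac.compare_digest(expected.encode(), supplied.encode()):
            return credentials["username"]
        return None

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(user: str, ttl: int = 3600, now=None) -> str:
    now = int(time.time()) if now is None else now
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64e(json.dumps({"sub": user, "exp": now + ttl}).encode())
    return f"{header}.{payload}.{b64e(sign(header + '.' + payload))}"

def login(auth, credentials: dict, now=None):
    user = auth.validate(credentials)
    return issue_token(user, now=now) if user else None

def verify_token(token: str, now=None):
    now = int(time.time()) if now is None else now
    try:
        header, payload, sig = token.split(".")
        if (json.loads(b64d(header)).get("alg") != "HS256"  # pin the algorithm
                or not hmac.compare_digest(sign(header + "." + payload), b64d(sig))):
            return None
        claims = json.loads(b64d(payload))
        return claims["sub"] if claims["exp"] > now else None
    except (ValueError, KeyError, TypeError, AttributeError):
        return None  # malformed input is treated like a bad signature

def current_user(headers: dict, cookies: dict, now=None):
    # API: "Authorization: Bearer <jwt>"; UI: same JWT in a cookie (name assumed).
    auth = headers.get("Authorization", "")
    token = auth[7:] if auth.startswith("Bearer ") else cookies.get("ragna_token", "")
    return verify_token(token, now)
```

`verify_token` returns the user ID only for a well-formed, unexpired token whose signature matches; every other input yields `None`.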
Currently, the basic auth, i.e. username / password, is hardcoded in the UI. We did that to meet our presentation deadline. In the aftermath, however, we need to lift this and actually implement the UI part as part of the authentication class:
ragna/ragna/core/_authentication.py
Line 13 in 6209845
This would enable us and users to switch the authentication method smoothly.