-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Show logged in user in header #244
Conversation
@worukan Is working on changing the token after at the moment and displaying information from the token in the CLI, so I think we'll wait a bit with this |
This can be handled by showing the username that the user has entered to login. There is no need to add this to the plaintext part of the token and extract it from there. So if cli can get the final token to use the endpoints, the entered username can be displayed as logged in user. |
@worukan I'm not sure I understand. The user won't log in every time they use the CLI. They will login once and the token will be saved on their system and they'll use the token to run commands until the token expires? |
I don't think displaying the username when during a command is a |
Perhaps the cli can remember the username or store it with the token in the token file? |
Not anymore. This functionality will be scrapped entirely by Volkans PR. Also we do not store anything locally except the |
@MatthiasZepper Since we're not able to test at the moment, I can't have a detailed discussion about this. But, the username is always required by the token, otherwise we would never know the |
Yes getting the username from the api by providing the token sounds like a good candidate! It is safer than storing locally assuming that all communication runs on TLS. |
Changed the solution to get username from API. |
Ah nice. I completely forgot that there already is an existing endpoint to display the user information! |
@worukan what's wrong with putting the username in the readable token header? The solution as it stands now will have implications for authentication where an HOTP authentication will be initiated if the token has expired. And potentially one would hit the request limit if one does 10 |
Because it is the wrong place. That token header is mainly for being able to decrypt the token correctly. Just because we can put information in there does not justify doing so. The encrypted token is a special token. It should not be seen as an all-purpose token. If you like I have a new suggestion @alneberg @MatthiasZepper @aanil @inaod568
In this way the expiration time of the encrypted token will come slightly after the signed token, but that is a negligible difference. |
Right, I see. Although I also realised that just skipping the API call for user info in case the token is expired would solve most of my issues as well. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! I might have chosen a different color than red for the username, but that can be changed later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, just a small comment / change
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Before submitting a pr:
dev
branch