Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Api redesign #82

Merged
merged 7 commits into from Jan 16, 2020
Merged

Api redesign #82

merged 7 commits into from Jan 16, 2020

Conversation

@marcel-dancak
Copy link
Collaborator

marcel-dancak commented Jan 10, 2020

Goal of this PR:

  • better organization of API endpoints
  • remove some legacy code and improve structure of server's Django apps
  • upgrade Django to version 3
  • separation of backend and frontend. Update of code and dockerfiles for build of two separate docker images
  • new optional accounts server extension (API) for Sign Up and Password Reset
@jachym
jachym approved these changes Jan 10, 2020
Copy link
Collaborator

jachym left a comment

Looks good


from . import basic_auth

# def basic_authentication(realm='API'):

This comment has been minimized.

Copy link
@jachym

jachym Jan 10, 2020

Collaborator

So, this is no longer needed?

This comment has been minimized.

Copy link
@marcel-dancak

marcel-dancak Jan 10, 2020

Author Collaborator

Basic authentication is currently used in /api/map/ows/ endpoint:
https://github.com/gislab-npo/gisquick/blob/api-redesign/server/webgis/map/views.py#L48

I think we cannot use decorator for this kind of authentication, because it depends on project settings, and we don't have access to this kind of information in decorator. For public projects it shouldn't be checked, otherwise browser will ask for password, if decorator return 401 response with WWW-Authenticate header. That's why this functionality was moved into ows view, after project permissions check. It's not definitely impossible to use decorator in the future, but we should have unified way of passing project info in API requests, but currently with single endpoint with basic auth support, it's probably fine to handle this functionality inside view.

@marcel-dancak marcel-dancak merged commit 882f493 into master Jan 16, 2020
@marcel-dancak marcel-dancak deleted the api-redesign branch Jan 16, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.