Added Basic HTTP Authorization support #32
Conversation
|
Hey, I like these suggestions and I checked with our QA (who's actually driving our run with iodocs) and he's all up for that too. Regarding the format of the "basicAuth" object I think the two examples present two different use cases so the user will need to be able to provide whichever configuration they need and iodocs shall behave accordingly, so maybe: "basicAuth":{
}would render username/password fields at the top, "basicAuth":{
"username":"testUser",
"password":"testing"
}would not render anything but use the provided name/pass for authentication (I know hard-coded stuff is not very nice but I'm 100% sure this is a very real use case), and "basicAuth":{
"username":{
"param": "accountName"
},
"password":{
"param": "accountPass"
}
}shall tell iodocs to use those parameters from the method inputs. I've also had another thought about a more rare case when the API would require a different authentication mechanism or simply a little enhanced security for some of the methods - that is, the API may be freely accessible through most methods but require authentication for a limited set. To cater for that case the "auth" object could be "cascaded" or overridden in method definitions (at the method level) or at the endpoint level thus affecting all methods of the endpoint. I'm sure this feature can be given lowest priority but still worth considering. As for arrays vs. objects I always decide on a very simple basis - I prefer objects when possible as I tend to read them easier and I think they give better sense of hierarchy, but when the order of properties matters then arrays should be used. Cheers |
|
Basic auth feature added for both Node server level and API request level. |
Basic HTTP Auth can be specified to have the server send the "Authorization" HTTP header with given username and password.