Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Token authentication #16

Closed
graft opened this issue Jan 11, 2018 · 3 comments
Closed

Token authentication #16

graft opened this issue Jan 11, 2018 · 3 comments
Projects
Etna

Comments

@graft
Copy link
Contributor

graft commented Jan 11, 2018

Token authentication takes a signed JWT, validates it using a public key and the expiration timestamp, and creates an Etna::User and adds it to the rack request object.

If the authentication fails for any reason, the user gets a 401.

The Etna::User exposes a basic permissions methods API (can_edit?(project_name), etc.) which controllers can use for checking if the user is valid.
@graft graft created this issue from a note in Etna (In Progress) Jan 11, 2018
@graft
Copy link
Contributor Author

graft commented Jan 11, 2018

In d0406ff I add Etna::Auth and Etna::User - the former checks the existence of the token and validates it, then creates an Etna::User object that the controller can use for checking permissions.

@graft
Copy link
Contributor Author

graft commented Jan 11, 2018

In b9e12fc I add a Etna::TestAuth rack layer which can be used in place of Etna::Auth for use with testing.

@graft
Copy link
Contributor Author

graft commented May 17, 2018

Fixed by #2

@graft graft closed this as completed May 17, 2018
Etna automation moved this from In Progress to Done May 17, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Etna
  
Done
Milestone
No milestone
Development

No branches or pull requests
1 participant
@graft