Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Protecting REST endpoints with access tokens and/or JWTs #77

Closed
dinosk opened this issue Aug 2, 2018 · 1 comment
Closed

Protecting REST endpoints with access tokens and/or JWTs #77

dinosk opened this issue Aug 2, 2018 · 1 comment
Assignees
@leticiawanderley
Projects
GitLab-Integration UI-Basics
Milestone
UI-Basics

Comments

@dinosk
Copy link
Member

dinosk commented Aug 2, 2018

The endpoints that will be queried from the UI will require a valid JWT, which is provided when a user logs in with a valid username (email) and password (access token for now).
Currently, these endpoints are expecting an access token. In order to maintain both methods, we would need to identify the origin of the requests: UI -> JWT, API -> access token.

... Or we could even consider dropping the access tokens entirely, and add a reana-client login --email ... --password ... command (relevant auth0.com blog post).
There are a few challenges here, one I can see, would be passing a JWT in the openapi requests (which is possible), another would be finding an elegant way of storing the JWT on the user machine after it is attained (we could perhaps show a #export JWT=.... message similar to reana-cluster env).
@dinosk dinosk added this to the UI-Basics milestone Aug 3, 2018
@diegodelemos diegodelemos added this to To do in GitLab-Integration via automation Jun 24, 2019
@leticiawanderley leticiawanderley self-assigned this Jun 25, 2019
@leticiawanderley leticiawanderley moved this from To do to In progress in GitLab-Integration Jun 27, 2019
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 3, 2019
api: add JWT required endpoints
2ed1da3 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
@leticiawanderley leticiawanderley mentioned this issue Jul 3, 2019
Closed
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 3, 2019
api: add JWT required endpoints
5d791b7 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 4, 2019
api: add JWT required endpoints
414a70e 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 4, 2019
api: add JWT required endpoints
53ec4d5 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 8, 2019
api: add JWT required endpoints
e5bfe73 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 8, 2019
api: add JWT required endpoints
eb9a162 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 9, 2019
api: add JWT required endpoints
f2d0dd8 
Closes reanahub#77

Signed-off-by: leticia <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 10, 2019
api: add JWT required endpoints
07f7780 
Closes reanahub#77

Signed-off-by: Leticia Farias Wanderley <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 10, 2019
api: add JWT required endpoints
2358d0f 
Closes reanahub#77

Signed-off-by: Leticia Farias Wanderley <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 10, 2019
api: add JWT required endpoints
6f7c9c2 
Closes reanahub#77

Signed-off-by: Leticia Farias Wanderley <leticia.farias.wanderley@cern.ch>
leticiawanderley pushed a commit to leticiawanderley/reana-server that referenced this issue Jul 24, 2019
api: add JWT required endpoints
bb7063e 
Closes reanahub#77

Signed-off-by: Leticia Farias Wanderley <leticia.farias.wanderley@cern.ch>
@diegodelemos
Copy link
Member

Closed by #160. We use the session cookie for browser clients and tokens for CLI clients.

GitLab-Integration automation moved this from In progress to Done Aug 7, 2019
@tiborsimko tiborsimko added this to Done in UI-Basics Oct 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@leticiawanderley leticiawanderley

Labels
None yet
Projects
No open projects
GitLab-Integration
  
Done
UI-Basics
  
Done
Milestone
UI-Basics
Development

Successfully merging a pull request may close this issue.

api: add JWT required endpoints leticiawanderley/reana-server
3 participants
@dinosk @leticiawanderley @diegodelemos