-
-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Alternative, better mechanism for authenticating user than --root #37
Comments
The plugin could set its own random secret (equivalent to how |
For the moment I'm going to lock this down so that it's only visible to the current, authenticated use from |
#52 (option to expose server to other people on your network) makes this even more relevant. I'm going to have a user account called "admin" (because "root" already does some things in the Datasette world, and as language it's less user-friendly than "admin") - the plugin will set a |
Could even do this by calling a special API endpoint, |
Setting cookies from Electron code looks too complicated - I'll go with the simpler mechanism where every new |
I'm going to need to refactor all of the places that create a One exception: this code, because it displays the Lines 185 to 208 in 9a8bf4e
|
Here's how to pass the newWindow.loadURL(`http://localhost:${this.port}/-/auth-app-user`, {
extraHeaders: `authorization: Bearer ${this.apiToken}`,
postData: [
{
type: "rawData",
bytes: Buffer.from(JSON.stringify({ redirect: path })),
},
],
}); This wasn't obvious: the |
Fixed bug where closing all windows and then clicking the icon wauld throw an error. Refs #37
This is partly an alternative to #36 where I wanted to share cookies between multiple
BrowserWindow
instances.But also... I don't like using
--root
because it turns on a bunch of confusing tools that are usually intended for debugging. Instead I thinkdatasette-app-support
should provide a mechanism for signing the user in as"id": "datasette-app"
- then I can use custom permissions to enable things likedatasette-upload-csvs
without turning on debugging menus for the root user.The text was updated successfully, but these errors were encountered: