Skip to content
  • 0.6.1
  • 7feb6bb
  • Compare
    Choose a tag to compare
    Search for a tag
  • 0.6.1
  • 7feb6bb
  • Compare
    Choose a tag to compare
    Search for a tag

@simonw simonw released this Feb 6, 2020 · 1 commit to master since this release

If you are running multiple Datasette plugins this plugin will now attempt to go last and wrap all of the other plugins, ensuring they too will be protected by authentication.

Assets 2
0.6

@simonw simonw released this Feb 6, 2020 · 3 commits to master since this release

The previous release always forwarded the ?host= header on to the authentication API. This release no longer does that by default, but instead allows you to configure one or more headers that should be passed on in a similar way - issue #10.

To get back the same behavior as release 0.5, use this configuration:

{
    "plugins": {
        "datasette-auth-existing-cookies": {
            "api_url": "http://www.example.com/user-from-cookies",
            "auth_redirect_url": "http://www.example.com/login",
            "original_cookies": ["sessionid"],
            "headers_to_forward": ["host"]
        }
    }
}
Assets 2
  • 0.5.1
  • df533e9
  • Compare
    Choose a tag to compare
    Search for a tag
  • 0.5.1
  • df533e9
  • Compare
    Choose a tag to compare
    Search for a tag

@simonw simonw released this Feb 5, 2020 · 6 commits to master since this release

Fix error triggered by combining this plugin with datasette-upload-csvs.

Assets 2
0.5

@simonw simonw released this Feb 5, 2020 · 8 commits to master since this release

  • New trust_x_forwarded_proto configuration setting to fix issues with the incorrect ?next= URL being generated when running behind a proxy that adds https://. #8
  • The api_url used to check the user's identity can now also perform permission checks, returning {"forbidden": "Reason string here"} if the authenticated user should not be allowed access to the Datasette instance specified by the ?host= parameter. #9 - documentation here: https://github.com/simonw/datasette-auth-existing-cookies/blob/master/README.md#permissions
Assets 2
  • 0.4.1
  • 912ccbd
  • Compare
    Choose a tag to compare
    Search for a tag
  • 0.4.1
  • 912ccbd
  • Compare
    Choose a tag to compare
    Search for a tag

@simonw simonw released this Feb 5, 2020 · 12 commits to master since this release

Fixed error caused by host= URL construction.

Assets 2
0.4

@simonw simonw released this Feb 4, 2020 · 14 commits to master since this release

The API URL is now called with a ?host=blah.example.com argument, allowing the underlying API to make permission decisions based on the host.

Assets 2
0.3

@simonw simonw released this Feb 4, 2020 · 16 commits to master since this release

First non-beta release.

Assets 2

@simonw simonw released this Jan 28, 2020 · 24 commits to master since this release

  • Cookie signing secret can now be set using metadata.json, or will be automatically generated on first run
  • Optional next_secret secret can be used to sign the ?next_sig= parameter when redirecting to the login page
Assets 2

@simonw simonw released this Jan 28, 2020 · 30 commits to master since this release

  • Renamed from datasette-auth-cookies-api
Assets 2
You can’t perform that action at this time.