Add stateless authentication #49

Merged
merged 2 commits into from
Jan 24, 2017

@gibarsin (Collaborator) commented Jan 22, 2017

Summary

Add stateless token authentication. The user must be logged in by '/login' by sending a JSON form with 'dni' and 'pass' attributes, and in case the authentication is successful, a token is returned in the header 'X-AUTH-TOKEN', otherwise an authentication error is sent. Also, when trying to access a resource which is not '/login' or '/' and no token is provided, a 401 unauthorized error will be returned.

  • implement login authentication filter
  • implement authentication filter for logged users
  • implement handler to return unauthorized message

Trello Card

https://trello.com/c/JwODYZqa/13-stateless-authentication
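
The flow in the summary above, as an added example that is not code from this pull request: a login handler that returns a token in `X-AUTH-TOKEN`, and a check that answers 401 on every path other than `/` and `/login` when the token is missing, forged or expired. It assumes Python's standard library and an HMAC-signed token standing in for the JWT the commits mention; the key, salt, user store and the `/resource` path used to exercise it are constructed.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"       # constructed; keep the real key out of source
TOKEN_HEADER = "X-AUTH-TOKEN"          # header name from the PR description
PUBLIC_PATHS = {"/", "/login"}         # paths the PR description exempts

def _kdf(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"constructed-salt", 100_000)

USERS = {"12345678": _kdf("demo-pass")}  # constructed store: dni -> password hash

def _sign(payload):
    return base64.urlsafe_b64encode(hmac.new(SECRET, payload, hashlib.sha256).digest())

def issue_token(dni, now, ttl=900):
    payload = base64.urlsafe_b64encode(json.dumps({"sub": dni, "exp": now + ttl}).encode())
    return (payload + b"." + _sign(payload)).decode()

def verify_token(token, now):
    """Return the token's subject, or None if it is malformed, forged or expired."""
    try:
        payload, sig = token.encode().split(b".")
        if not hmac.compare_digest(sig, _sign(payload)):
            return None                # check the MAC before parsing anything
        claims = json.loads(base64.urlsafe_b64decode(payload))
        return claims["sub"] if claims["exp"] > now else None
    except (ValueError, KeyError, TypeError):
        return None

def handle(method, path, headers, body=b"", now=None):
    """Return (status, response_headers, authenticated_dni)."""
    now = int(time.time()) if now is None else now
    if method == "POST" and path == "/login":
        try:
            form = json.loads(body)
            dni, password = form["dni"], form["pass"]
            # Always run the KDF so unknown users cost the same as known ones.
            ok = hmac.compare_digest(_kdf(password), USERS.get(dni, b""))
        except (ValueError, KeyError, TypeError, AttributeError):
            ok = False
        if not ok:
            return 401, {}, None
        return 200, {TOKEN_HEADER: issue_token(dni, now)}, dni
    if path in PUBLIC_PATHS:
        return 200, {}, None
    dni = verify_token(headers.get(TOKEN_HEADER, ""), now)
    return (200, {}, dni) if dni else (401, {}, None)
```

Because the server keeps no session, the expiry inside the signed payload is the only thing that ends a token's life; revoking one earlier needs extra state such as a deny list.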

@codecov-io commented Jan 22, 2017

Current coverage is 9.50% (diff: 0.00%)

Merging #49 into development will decrease coverage by 0.28%

@@           development       #49   diff @@
============================================
  Files               83        89     +6   
  Lines             2430      2504    +74   
  Methods              0         0          
  Messages             0         0          
  Branches           181       186     +5   
============================================
  Hits               238       238          
- Misses            2192      2266    +74   
  Partials             0         0          

Powered by Codecov. Last update d36e200...6bbcf76

Add stateless token authentication. The user must be logged in by '/login' by sending a JSON form with user and pass, and in case the authentication is successful, a token is returned in the header 'X-AUTH-TOKEN', otherwise an authentication error is sent. Also, when trying to access a resource which is not '/login' or '/' and no token is provided, a 401 unauthorized error will be returned.

- implement login authentication filter
- implement authentication filter for logged users
- implement handler to return unauthorized message
[NOT TESTED] implement stateless authentication filter with JWT token obtention

[WORKING] implement stateless login filter && restricted access to resources only to authenticated users, except for LOGIN

[WORKING] replaced 403 (forbidden) return value with 401 (unauthorized)
@gibarsin gibarsin merged commit 34c35a5 into development Jan 24, 2017
@gibarsin gibarsin deleted the statelessAuthentication branch January 24, 2017 23:19