Add stateless authentication #49
Merged
Commits on Jan 24, 2017
-
add stateless token authentication. The user must be logged in by '/login' by sending a JSON form with user and pass, and in case the authentication is successful, a token is returned in the Header 'X-AUTH-TOKEN', otherwise an authenticated error is sent. Also, when trying to access a resource which is not '/login' or '/' and no token is provided, a 401 unauthorized error will be returned. - implement login authentication filter - implement authentication filter for logged users - implement handler to return unauthorized message [NOT TESTED] implement stateless authentication filter with JWT token obtention [WORKING] implement stateless login filter && restricted access to resources only to authenticated users, except for LOGIN [WORKING] replaced 403 (forbidden) return value for 401 (unauthorized)
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.