Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(api): add JWT authentication #205

Merged
merged 12 commits into from
Jun 3, 2022
Merged

feat(api): add JWT authentication #205

merged 12 commits into from
Jun 3, 2022

Conversation

DaughterOfMars
Copy link
Collaborator

@DaughterOfMars DaughterOfMars commented May 26, 2022

Not sure how to handle password stuff. I figure the front end should hash it before sending over http, but this is a weak area for me.

@DaughterOfMars DaughterOfMars changed the base branch from main to staging May 31, 2022 15:42
bin/inx-chronicle/src/api/error.rs Outdated Show resolved Hide resolved
bin/inx-chronicle/src/api/routes.rs Outdated Show resolved Hide resolved
bin/inx-chronicle/src/launcher.rs Outdated Show resolved Hide resolved
@DaughterOfMars DaughterOfMars merged commit 2a06282 into iotaledger:staging Jun 3, 2022
@DaughterOfMars DaughterOfMars deleted the main-jwt branch June 3, 2022 12:59
grtlr pushed a commit to grtlr/inx-chronicle that referenced this pull request Jun 10, 2022
* Initial jwt attempt

* Better error handling. Correct casing for bearer token. Only apply auth to api endpoints and move login to base uri. Fix login info json. Add exp claim to provided jwt.

* Sort

* fix feature gating

* config jwt expiration

* Accept passwords for login instead of hash and configure salt

* Add hex dep to api feature

* Remove unnecessary clippy tag

* Little cleanup to login route
grtlr pushed a commit that referenced this pull request Jun 22, 2022
* feat(api): add JWT authentication (#205)

* Initial jwt attempt

* Better error handling. Correct casing for bearer token. Only apply auth to api endpoints and move login to base uri. Fix login info json. Add exp claim to provided jwt.

* Sort

* fix feature gating

* config jwt expiration

* Accept passwords for login instead of hash and configure salt

* Add hex dep to api feature

* Remove unnecessary clippy tag

* Little cleanup to login route

* PR suggestions

* Use updated auth-helper

* PR suggestions

* PR suggestions

* Clean up allow origins
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants