This repository has been archived by the owner on Apr 16, 2023. It is now read-only.
[🚀] Authentication/Authorization service for REST controllers (basic) #203
Labels
api
Related to API changes / additions (internal API)
enhancement
New feature or request
feedback wanted
Extra discussion is needed
integration
Related to integration with OS & other projects (external API)
Comments
MarkL4YG
added
enhancement
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Describe the solution you'd like
Since plugins tend to implement REST controllers to improve accessibility of functions that are already available as commands, we should provide some similar basics here too.
One of those basics would be user Authentication (As in: Does this request originate from a specific user and - if so - from who is it?) and Authorization (As is: Is the actor allowed to peform this action?)
Describe why you would like to see this implemented
As desirable as a full-blown authentication & authorization mechanism would be, we should start somewhere more basic.
The basic needs are defined by these statements:
IUser(or at leastISubject). [Authentication]Authorizationheader should be used for this and we should start with the non-standardTokenauthorization scheme. (SimpleIUser->IAuthenticationTokenassociation)The text was updated successfully, but these errors were encountered: