Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Use django_oauth_tools to implement better auth for Portal API #1006

Open
swainn opened this issue Jan 19, 2024 · 0 comments
Open

[FEATURE] Use django_oauth_tools to implement better auth for Portal API #1006

swainn opened this issue Jan 19, 2024 · 0 comments
Assignees
@swainn
Labels
feature request security

Comments

@swainn
Copy link
Member

swainn commented Jan 19, 2024

Is your feature request related to a problem? Please describe.
The Tethys Portal API was put together haphazardly to support the experimental React template and is using simple session auth to verify authentication:

tethys/tethys_portal/views/api.py

Line 25 in 9f5b60c

if not request.user.is_authenticated:

This works ok, but it would be better and probably more secure to implement an oauth/token pattern. This would also support our use case of the API for federating Portals in the future.

Describe the solution you'd like
Use django_oauth_tools to implement better auth for Portal API: https://django-oauth-toolkit.readthedocs.io/en/latest/rest-framework/getting_started.html#step-2-create-a-simple-api

Describe alternatives you've considered
N/A

Additional context
N/A
@swainn swainn self-assigned this Jan 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@swainn swainn

Labels
feature request security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@swainn