jasima/lawa
3
0
Code Issues 1 Projects Packages Wiki Activity Actions

Implement authentication using Starlette's AuthenticationMiddleware #1

New issue
Open
opened 2025-05-28 15:04:19 +00:00 by irl · 0 comments
irl commented 2025-05-28 15:04:19 +00:00
Owner
Copy link

Currently authentication for almost all endpoints (the OpenTofu state endpoints used directly by tofu being the exception as they cannot use OAuth2) is implemented via dependency injection. This is fine for now and will probably be just fine while implementing the mirrors module.

Starlette does, however, have an AuthenticationMiddleware that we can take advantage of, that has some nice decorators. It's not currently clear how beneficial it is to use this as it won't help with the per-organisation permissions but it may make it easier to not mess up authentication even if it's not a good fit for our authorisation needs.

The transition can be per-endpoint and both systems can run in paralell with no issues.

Currently authentication for *almost* all endpoints (the OpenTofu state endpoints used directly by `tofu` being the exception as they cannot use OAuth2) is implemented via dependency injection. This is fine for now and will probably be just fine while implementing the mirrors module. Starlette does, however, have an [`AuthenticationMiddleware`](https://www.starlette.io/authentication/) that we can take advantage of, that has some nice decorators. It's not currently clear how beneficial it is to use this as it won't help with the per-organisation permissions but it may make it easier to not mess up authentication even if it's not a good fit for our authorisation needs. The transition can be per-endpoint and both systems can run in paralell with no issues.
irl added this to the Core project 2025-05-28 15:04:19 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
No results found.
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Core
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: jasima/lawa#1
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?