[Modules/Frontend] make sure modules understand auth

CityScope / CS_CityIO

Serverside script for the cityscope platform

https://cityio.media.mit.edu

14 stars 8 forks source link

[Modules/Frontend] make sure modules understand auth #102

Closed yasushisakai closed 4 years ago

yasushisakai commented 4 years ago

As we are about to have authenticated users and restricted tables, modules need to be aware of adding info to the header of their HTTP request.

Modules will have to

Authorization: Bearer LONG_TOKEN_PROVIDED_BY_YASUSHI

to their requests.

RELNO commented 4 years ago

It should be noted not to commit the token with your modules.

yasushisakai commented 4 years ago

Related to this, I want to ask for you what method we prefer for storing secret keys and API tokens. dotenv seems something consistent across other languages and frameworks.

yasushisakai commented 4 years ago

there is no upcoming need to ensure auth... at... the... moment