search

Kinto / kinto.js

An Offline-First JavaScript Client for Kinto.
http://kintojs.readthedocs.io/
Other
318 stars 72 forks source link

Expose a nicer way to authenticate requests #1764

Open n1k0 opened 8 years ago

n1k0 commented 8 years ago

Currently, achieving authentication is done that way (here basic auth):

import KintoClient, { basicauth } from "kinto-client";

const client = new KintoClient("http://", {
  headers: {
    Authorization: "Basic " + btoa("user:pass")
  }
});

While we should definitely keep the ability to pass a generic custom Authorization header, we should probably enhance the developer experience a little by providing a slightly nicer API:

import KintoClient;

const username = "chuck";
const password = "r0undh0use";
const client = new KintoClient("http://")
  .auth("basicauth", {username, password});

const client.bucket("default").collection("posts")
  .createRecord({...}) // creates a record reusing the auth bits

For other authentication methods/policies, the first argument is the policy identifier, and the second one is an object holding the required parameters for this policy:

const token = "<github api token>";
const client = new KintoClient("http://")
  .auth("github", {token});

Feedback? Thoughts?

almet commented 8 years ago

I really like the idea of having this defined like that. I wonder if there is already a standard mechanism in JavaScript like python has requests authentication? If so, we should use it, otherwise let's keep it like that!

Natim commented 8 years ago

I really like the idea of having this defined like that.

:+1:

leplatrem commented 6 years ago

Currently, there is no way to specify auth headers after instantiation.

For example, if I do:

slav0nic commented 4 years ago

Also will be nice extending functionality for support HttpOnly cookies, currently here is no way for add credentials params to fetch() call https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch#Parameters

for example in axios i do something like : axios.defaults.withCredentials = true or axios.get('...', {withCredentials: true});