Open billmeek opened 9 years ago
dmfrey
commented
7 years ago For this, is there instructions to enable this on the backend anywhere? I'm hesitant for basic and digest authentication. Ideally, I would like to see an OAuth service added to the backend. You are allowing the app to act on behalf of the user on the backend. Plus it's more secure and can be backed by another trusted provider if desired.
billmeek
commented
7 years ago No instructions, or even GUI. I've got some new methods coded up for the backend to add/change/delete passwords. The next step would be new endpoints to use the new code.
I can't find any mention of OAuth in the existing code. I know we discussed this briefly at dinner in Indy. As I recall, there isn't any Digest authentication in Spring, only Basic.
I've been testing the backend with both Basic and Digest (mostly Digest.)
In 0.28-pre, users can activate basic and digest authentication with:
Where the '/' protects everything, including all Services API services. '/Myth;/Content' would only protect 2 services.
Probably needs an upstream GUI to change the setting before implementing the feature in the app.