VEDA backend services do not currently implement route level Authorization. In anticipation of a future features request for Authorization we can test out FastAPI Authorization Gateway which allows integration into Fast API. This can also be integrated with transaction support for stac-fastapi which was tested previously (see ticket).
@alukach has also been experimenting with FastAPI Authorization Gateway and SpiceDb for fine grained access controls (i.e allowing a user to only edit certain collections or items)
PI Objective
Acceptance Criteria
[ ] FastAPI Authorization Gateway is implemented in test stac and authorization functionality is validated with stac-fastapi transactions.
What
VEDA backend services do not currently implement route level Authorization. In anticipation of a future features request for Authorization we can test out FastAPI Authorization Gateway which allows integration into Fast API. This can also be integrated with transaction support for stac-fastapi which was tested previously (see ticket).
@alukach has also been experimenting with FastAPI Authorization Gateway and SpiceDb for fine grained access controls (i.e allowing a user to only edit certain collections or items)
PI Objective
Acceptance Criteria