PowerShell / Polaris

A cross-platform, minimalist web framework for PowerShell
https://powershell.github.io/Polaris/
MIT License

Question: Authentication #190

Closed Stephanevg closed 5 years ago

Stephanevg commented 5 years ago

Hi @Tiberriver256 / @TylerLeonhardt

I was scanning your documentation summary for information on 'Authentication'. Unfortunately, I couldn't find a topic called that (perhaps it is simply hidden somewhere else?).

I was trying to figure out if it was possible to handle some authentication stuff (like, this member of this AD group cannot access this route).

I think I read something in that direction once, and couldn't find it. Would you mind pointing me in the right direction?

Thanks

Stéphane

Tiberriver256 commented 5 years ago

Hey Stephane,

Looks like another gap in the docs. I'll write something up here shortly.

apetitjean commented 5 years ago

I'm looking forward to reading it too! ;-)

Stephanevg commented 5 years ago

Hey @Tiberriver256, I was planning to this one at work in a few. Is there something I can look into? (Even a draft would do the trick)

copdips commented 5 years ago

I think we can implement the auth ourselves by checking the headers in a middleware, and leave Polaris as light as possible.

TylerLeonhardt commented 5 years ago

You folks may want to look at Pode which seems a bit further along in this space than Polaris

Cc @badgerati

Tiberriver256 commented 5 years ago

I started up a short draft here that should be enough to get you started:

https://github.com/Tiberriver256/Polaris/blob/new-authentication-documentation/docs/about_Authentication.md

Stephanevg commented 5 years ago

Why are you saying that @tylerleonhardt? Does Polaris not have support for authentication?

Badgerati commented 5 years ago

Hey!

As per @Tiberriver256's draft, it's definitely possible to do this in Polaris with Windows AD and have group validation.

Where Pode is a bit further ahead is that Polaris does its authentication via HttpListener, whereas Pode is independent and has its own authentication logic using middleware (making it easier to have custom authentication strategies, or when implementing against AWS/Azure Functions).
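
The group check asked about in this thread, as an added example that is not part of the original comments and is not code from Polaris or Pode: HttpListener authenticates the caller, and a deny-by-default map decides which groups may reach which route. The group names, routes and the `Get-RouteAccessStatus` function are assumptions made for illustration, and the principals are constructed so the decision logic runs offline.

```powershell
# Added example. Group names, routes and Get-RouteAccessStatus are hypothetical.
# With a real listener, authentication is configured on HttpListener itself:
#   $listener.AuthenticationSchemes =
#       [System.Net.AuthenticationSchemes]::IntegratedWindowsAuthentication
# and each request's identity then arrives as $context.User (an IPrincipal).

# Route -> groups allowed to call it. An empty list means any authenticated user.
$RouteGroups = @{
    '/admin'  = @('CONTOSO\WebAdmins')
    '/report' = @('CONTOSO\WebAdmins', 'CONTOSO\Reporting')
    '/health' = @()
}

function Get-RouteAccessStatus {
    param(
        [System.Security.Principal.IPrincipal] $User,
        [Parameter(Mandatory)] [string] $Path,
        [hashtable] $Map = $RouteGroups
    )
    # No authenticated identity: 401 so the client is asked to authenticate.
    if ($null -eq $User -or -not $User.Identity.IsAuthenticated) { return 401 }
    # Routes missing from the map are refused (deny by default).
    if (-not $Map.ContainsKey($Path)) { return 403 }
    $allowed = @($Map[$Path])
    if ($allowed.Count -eq 0) { return 200 }
    foreach ($group in $allowed) {
        if ($User.IsInRole($group)) { return 200 }
    }
    return 403
}

# Constructed principals standing in for what the listener would supply.
$alice = [System.Security.Principal.GenericPrincipal]::new(
    [System.Security.Principal.GenericIdentity]::new('CONTOSO\alice', 'Negotiate'),
    [string[]]@('CONTOSO\Reporting'))
$anonymous = [System.Security.Principal.GenericPrincipal]::new(
    [System.Security.Principal.GenericIdentity]::new(''), [string[]]@())

foreach ($path in '/report', '/admin', '/health', '/unlisted') {
    [pscustomobject]@{
        Path      = $path
        Alice     = Get-RouteAccessStatus -User $alice -Path $path
        Anonymous = Get-RouteAccessStatus -User $anonymous -Path $path
    }
}
```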

Tiberriver256 commented 5 years ago

@Stephanevg - Check out PR #192 and let me know what you think of the docs.

Stephanevg commented 5 years ago

Hi @Tiberriver256 Yeah, that looks perfect. It will allow people to get started with it! Thanks for updating it :) (I'll close this one once it is merged)