Open donker opened 6 years ago
The next step is to decide how we intend the user to manage his/her websites. Here are a few scenarios:
Plain text/csv file with site plus logins. This is of course not good practice and unsafe. But it is trivially simple to do.
If the user wishes to add a site they run a command along the lines "Add-Site {url}". At that moment our code would prompt for a login and get the token. The token then gets added to a local store (where/how?) so that every time we wish to use this url we can use the token.
There are a few hurdles to take in the second example. And keep in mind that the token can be renewed but at some point the renewal will time out and the user needs to log in again. So there is a scenario that even though we have a JWT for the site the renewal can't be done and the user needs to supply his/her credentials again.
Is it safe to assume the code you wrote that you are referencing in this thread is the code you submitted in the PR #6 ? I'll be taking a look at the PR at some point tomorrow
The code above is sufficient for a proof of concept. I.e. can I authenticate and run a command through the WebAPI from Powershell? That worked.
PR #6 is how I'd set up the project given the success of the code above. It's far from complete but provides the basic mechanism described above and tidied up.
I created the following code to show how you can access the WebAPI through JWT. This should be the basis for the code we'll create.
The token is simply this:
Note you need to enable JWT and if you're running locally over http (not https) then you need to adjust the web.config to allow for this.