bcgov / traction

Traction is designed with an API-first architecture layered on top of Hyperledger Aries Cloud Agent Python (ACA-Py) and streamlines the process of sending and receiving digital credentials for governments and organizations.
https://digital.gov.bc.ca/digital-trust/tools/traction/
Apache License 2.0

Prevent soft-deleted tenants from getting tokens with wallet ID/Key #1299

Closed loneil closed 2 weeks ago

loneil commented 1 month ago

We set soft-deleted tenants by adjusting their state, and we'll delete existing API keys.

What we'll need to do as well though is prevent them from using that tenant with their Wallet credentials. So at the point someone tries to go get a token with wallet credentials for a tenant in deleted state, reject that as unauthorized.

As well, outstanding tokens should not be able to be used for any API call if the tenant is deleted. So when checking a token, the tenant state should be inspected.

The above should have some investigation/discussion before starting. Should look at auth decorators implemented in ACA-Py 1.0.0 as well.

esune commented 1 month ago

+1 to having a design step first, rather than diving right in with code changes as this is a pretty sensitive use case.

Gavinok commented 1 month ago

@loneil Could we not simply do something similar to the innkeeper_only decorator but with a dedicated check to determine if the tenant associated with this wallet is active? https://github.com/bcgov/traction/blob/main/plugins/traction_innkeeper/traction_innkeeper/v1_0/innkeeper/routes.py#L54
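The two checks the thread asks for (refuse a token to a soft-deleted tenant even with valid wallet credentials, and re-inspect tenant state on every use of an outstanding token), sketched as an added example that is not Traction's or ACA-Py's code. The in-memory tenant table, the token store, the state names and all function names are assumptions of the example; it only shows the guard shape Gavinok suggests, a decorator that looks at tenant state before the handler runs.

```python
import functools
import secrets

# Constructed in-memory tenant table (wallet_id -> record); a stand-in for Traction's storage
TENANTS = {
    "wallet-active": {"state": "active", "wallet_key": "key-a"},
    "wallet-deleted": {"state": "deleted", "wallet_key": "key-d"},
}
TOKENS = {}  # token -> wallet_id, standing in for the token's subject claim

class Unauthorized(Exception):
    """The request is refused; a real route would answer 401."""

def _require_active(wallet_id):
    """Refuse unless the tenant behind wallet_id is currently in the active state."""
    tenant = TENANTS.get(wallet_id)
    if tenant is None or tenant["state"] != "active":
        raise Unauthorized(f"tenant for {wallet_id} is not active")

def tenant_active_only(handler):
    """Guard in the spirit of innkeeper_only: tenant state is checked before the handler."""
    @functools.wraps(handler)
    def wrapper(wallet_id, *args, **kwargs):
        _require_active(wallet_id)
        return handler(wallet_id, *args, **kwargs)
    return wrapper

@tenant_active_only
def issue_token(wallet_id, wallet_key):
    """Token endpoint: a deleted tenant is refused before its wallet key is even compared."""
    if not secrets.compare_digest(TENANTS[wallet_id]["wallet_key"], wallet_key):
        raise Unauthorized("wallet key mismatch")
    token = secrets.token_urlsafe(16)
    TOKENS[token] = wallet_id
    return token

def check_token(token):
    """Per-request check: the tenant's current state is inspected, not just the token."""
    wallet_id = TOKENS.get(token)
    if wallet_id is None:
        raise Unauthorized("unknown token")
    _require_active(wallet_id)
    return wallet_id

def soft_delete_tenant(wallet_id):
    """Soft delete as the issue describes it: flip the state (API-key removal not modelled)."""
    TENANTS[wallet_id]["state"] = "deleted"
```

Because check_token consults the tenant record on every call, a token issued before the soft delete stops working the moment the state changes, without any token revocation list.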