d-pac / restful-keystone

Automatic RESTful API enabler for KeystoneJS
MIT License
160 stars 50 forks

Security #14

Open niallobrien opened 8 years ago

niallobrien commented 8 years ago

Hi, great package, I'm just wondering how you recommend tackling securing a KeystoneJS REST API? I'm assuming ideally we'd use JWTs and would need to provide an endpoint for users to get their tokens, then pass that token with each request in the header and Keystone would check that for each request. Just not sure how to implement. Thanks in advance.

EduardoAC commented 8 years ago

@niallobrien I'm with you, security is really important when you are using any API. Currently, I'm getting inspiration from the Ghost API beta that they released a few months ago. You can find some inspiration as I'm doing right now.

niallobrien commented 8 years ago

@EduardoAC Nice, got anything you can share?

EduardoAC commented 8 years ago

@niallobrien not yet, but I will when I have it ready. Please do the same if you finish earlier than me.

niallobrien commented 8 years ago

Hi @EduardoAC - sorry, I never got around to this. Any progress on your end?

EduardoAC commented 8 years ago

Hi @niallobrien, I moved on to work on other things as well, waiting for the React version, and forgot about this. Do you have plans to come back to this?

niallobrien commented 8 years ago

Do you think the new version will make this package redundant as they'll have to build a secure API for the new React SPA version?