developmentseed / eoapi-risk

An implementation of eoAPI for Risk data and the Humanitarian sector
MIT License
2 stars 0 forks source link

Create STAC metadata editor #4

Closed batpad closed 10 months ago

batpad commented 1 year ago

It would be really great to have a way to browse the STAC catalog as well as do basic metadata editing.

Speaking to @oliverroick, we think it's a good idea to create this as a django project / app.

It's a probably a good idea to time-box something here to evaluate whether it seems like it is going to work - i.e. can we get the ORM talking to the pgstac db cleanly, can we get some good way to edit the JSON metadata object, etc.

Once we decide if we want to go ahead with this, we can decide whether to make it a separate django-stac thing or have it live in this code-base, etc.

cc @geohacker @zacharyDez

batpad commented 1 year ago

Based on some initial experiments and then further discussions with @bitner, we've decided not to use Django for the metadata editor. Using the Django ORM to interact with the STAC db was not a good idea, and at that point, it felt less useful to use Django for this. Also, stac-fastapi now supports write operations to edit metadata, so we could just make a standalone single page app frontend to do basic metadata editing.

Editing the Title of this issue to remove the Django reference - @oliverroick will start work on a separate standalone STAC metadata editor, focussed on the IFRC use-case.

oliverroick commented 1 year ago

For reference, the work on this happens in the stac-admin repo

alukach commented 10 months ago

@oliverroick Happy to sync with you about the OAuth2 flow for authentication from a frontend client.

A quick summary: we'll need to have an OAuth2 client registered with JupyterHub with a redirect_uri set to the URL of view which will receive the auth code from JupyterHub. The frontend will then exchange the auth code for an auth token by POSTing to an API endpoint which will manage the exchange of the auth code with JupyterHub (the API is necessary as we need a client_secret for the exchange).

For more information, see a demo of the API here: https://github.com/developmentseed/jupyterhub-fastapi-auth-demo

Hoping we can get rid of the API component by support PKCE auth flow (tracking that in this issue)

Some tasks:

batpad commented 10 months ago

@alukach can we ticket auth separately in https://github.com/developmentseed/stac-admin ?

Am trying to see what we can do about PKCE support in JupyterHub as well.

Going to close this issue here, since the STAC metadata editor we needed for the eoAPI risk demo is done and working nicely!