search

dotkernel / api

DotKernel's PSR-7 REST style API built around the Mezzio API skeleton.
https://docs.dotkernel.org/api-documentation/
MIT License
35 stars 5 forks source link

admin register #69

Closed alexmerlin closed 3 years ago

alexmerlin commented 3 years ago

What is the purpose of the POST /admin endpoint? (aka admin:register) If we intend to keep it in the API, we better remove authentication completely - so it's easier for unauthorized people to make API calls.

arhimede commented 3 years ago

It's an idea to remove authentication completely ....

But we need a way ( endpoint) to create new admin's

alexmerlin commented 3 years ago

we'll have to come up with a smarter method - I'll find something

alexmerlin commented 3 years ago

What if we turn this into a CLI command? I guess the whole idea of admin:register was to provide a way into the admin panel if all other admins leave the system and there's no one left to create a new admin account. A command could solve this problem, as theoretically someone should have access to a terminal in order to execute the command.

arhimede commented 3 years ago

To allow creation of admin accounta only using CLI seem a very good idea....

alexmerlin commented 3 years ago

On branch 3.0 a new admin can be created using command admin:create