[Token Authentication] - JWT Token by REST API

[bard0x]

Checklist

• [x] I've searched through the current issues to make sure this feature hasn't been requested already.

Motivation

Hi,

is there a possibility to do a login in G3W with a JWT Token by calling a REST API? For example, I would to implement an autologin on start on G3W, embedding G3W into an iframe with an autologin calling a rest api by JWT Token.

Thanks in advance for the reply

bard0x

Suggested solution

JWT Token in order to do an authentication by REST API

Alternatives considered

No response

[Raruto]

Hi @bard0x,

maybe I misunderstood you, but I don't think you can authenticate a JWT user using a "standard" <iframe src="..."> request.

The closest thing you can do, is to generate a unique token for the user (within your "frontend" application) and pass it to the remote server as a parameter in the <iframe src="...?token=your_super_secret_key"> url.

For more info:

• https://github.com/g3w-suite/g3w-admin-authjwt
• https://www.django-rest-framework.org/api-guide/authentication/#api-reference
• https://stackoverflow.com/questions/60665341/how-to-pass-authentication-details-to-application-inside-iframe

FYI, right now we are developing a premium module, which handles a situation similar to the one you describe (ie. a catalog explorer with remote user authentication), if you might be interested, please try to contact sales at info@gis3w.it for some information about future availability of this extension.

Otherwise, please post some of your code so that everyone else can get a better idea.

👋 Raruto