Closed gevorgmansuryan closed 1 year ago
@gevorgmansuryan Thanks, looks really nice.
Here some points:
Tests & Swagger Docs would also be good, especially for the tokens.
@luke- Enabled users
used for JWT auth only.
@gevorgmansuryan
@luke-
Enabled users
used for JWT auth only.
This means that with Basic Auth all users are currently always enabled? I think it would be good to change this, and with authentication by Username & Password (Basic Auth & JWT), always allow the activated users or if checked all users.
@luke-
This means that with Basic Auth all users are currently always enabled?
Yes, it's always worked in this way
Okay Will add user check for Basic Auth too, + hint
@luke-
query param auth
Yes. It will work when bearer auth is enabled. When bearer auth checkbox is unchecked it will uncheck too. It is not possible to check query param auth checkbox without checking bearer auth checkbox
@luke-
@gevorgmansuryan Can you please check the tests?
Currently only this test should fail: https://github.com/humhub/rest/issues/114
@gevorgmansuryan Looks very good. Thank you!
@luke- Okay Will be done. What if we make jwt auth configurable and add enableJwtAuth checkbox like others?