search

iron-io / functions-ui

User interface for IronFunctions - http://github.com/iron-io/functions
https://iron.io
Apache License 2.0
95 stars 18 forks source link

Support JWT Auth #12

Closed c0ze closed 6 years ago

c0ze commented 6 years ago

Now that functions support JWT auth, we need to add this to the UI as well. @kunihiko-t what do you think ?

kunihiko-t commented 6 years ago

Hi, I think we need JWT support both of route level & service level.

Route Level

We need JWT Key field here. app

Service Level

Read JWT_KEY env variable when function-ui starts up. and generate JWT for each request to the function server. Regarding access restrictions to the UI, it's better to do it on another layer( e.g Basic Auth on Nginx)

What do you think?

c0ze commented 6 years ago

Regarding JWT tokens, yes, looks good ! I agree with your points !

Regarding access restrictions to the UI, it's better to do it on another layer( e.g Basic Auth on Nginx)

Arghh yes, never though about this ! This is of course absolutely necessary as well. I'll think about it ! (You can assume this is out of scope of JWT auth) Let's handle this separately !

kunihiko-t commented 6 years ago

Yeah, I'll work on Route level one for now :)