if authentication request true in yaml, How to do for api?

jasonish / evebox

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

https://evebox.org/

MIT License

417 stars 67 forks source link

if authentication request true in yaml, How to do for api? #230

Closed jianvector closed 1 year ago

jianvector commented 1 year ago

Hello:

if in yaml config:

authentication: required: true type: usernamepassword

when curl get api: curl -G http://2.2.2.1:5636/api/1/alerts -d time_range=84600s {"error":"authentication required","status":401}

How to do it ?

Thanks

jasonish commented 1 year ago

curl -u USERNAME:PASSWORD ... will work.

jianvector commented 1 year ago

curl -u USERNAME:PASSWORD ... will work. I tested for it. This is Suitable for basic authorization, invalid for evebox.

jasonish commented 1 year ago

curl -u USERNAME:PASSWORD ... will work. I tested for it. This is Suitable for basic authorization, invalid for evebox.

Are you saying it doesn't work? Or its not an ideal authentication method for API usage?

jianvector commented 1 year ago

it doesn't work. I think ideal authentication: apikey go example for client to get data:

req, err := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", apiKey)
req.Header.Add("Accept", "application/json")
req.Header.Add("Content-Type", "application/json")

resp, err := client.Do(req)

jasonish commented 1 year ago

I fixed basic http authentication, so you can use this. In my opinion, basic authentication is just as secure as simple API key based authentication, so I'll stick with that for now until there is a need for proper API key based authentication, with a secret, and an hmac, etc.