michaelnixon / mm-file-support

SFU M&M project

Mova can only be used if a user is logged in to MoDa (no public access). #16

Open omimo opened 8 years ago

omimo commented 8 years ago

Mova does not work without authentication, e.g., when the user is not logged in. So, public/anonymous users cannot view the data in Mova.

We need a public version of the MoDa API so that, when no one is logged in, MoVa or public users can access the public repositories.

michaelnixon commented 8 years ago

See application_controller.rb. You'll need to refactor any method that uses authenticate_or_request_with_http_basic to rely on some other authentication method. The problem is that this is done at an early stage in a request, before you have access to an object to know whether it's public. A simpler method than changing the overall API authentication model: given that we have created a "fake" Mova user account, you should find a way to authenticate with that user so the actual Mova user never sees the authentication process.

omimo commented 8 years ago

Thanks Michael!

@subirranjan1, I think we can go with the second solution. What's your opinion?

subirranjan1 commented 8 years ago

Hi @omimo @michaelnixon, I am not quite sure I completely understood how to do this your way. As per my understanding, any public access of a track or a take in MOVA is associated with whether it is publicly accessible or not (whether the public column in that table is set for that row). I have not come across the code of MOVA; however, I believe that it does a lookup for the login credentials from the users table or uses some cookie authentication method (if not, please let me know). Having said that, what if we authenticate MOVA based upon whether the public bit is set for the corresponding take or track in the DB? I think for this, changes will be required in the code related to authentication in MOVA. Feel free to comment.

omimo commented 8 years ago

Currently Mova doesn't have a separate authentication mechanism implemented. It's just using the HTTP auth by the browser. @subirranjan1, let's talk about this when we meet.

omimo commented 8 years ago

So, we decided that we can at least make an exception for API requests and if it is coming from Mova, we allow it.
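
Added example, not part of the thread or the project's code: a plain-Ruby model of the ordering problem discussed above, where the record is loaded first and anonymous access is granted only for reads of rows whose public flag is set, with HTTP Basic required for everything else. `TAKES`, `USERS`, `authorize` and `basic_user` are hypothetical names with constructed data; a client-supplied header claiming to be Mova is deliberately not treated as authentication.

```ruby
require 'digest'

# Constructed sample data; names and fields are assumptions, not MoDa's schema.
TAKES = {
  1 => { name: 'walk_cycle', public: true },
  2 => { name: 'private_session', public: false }
}.freeze
# Stand-in credential store; a real app would use its own password hashing.
USERS = { 'alice' => Digest::SHA256.hexdigest('s3cret') }.freeze

# Compare two equal-length strings without exiting at the first mismatch.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Parse "Authorization: Basic <base64(user:pass)>"; returns the user name or nil.
def basic_user(header)
  scheme, blob = header.to_s.split(' ', 2)
  return nil unless scheme&.casecmp?('basic') && blob
  user, pass = blob.unpack1('m').split(':', 2)
  stored = USERS[user]
  return nil unless stored && pass
  secure_equal?(stored, Digest::SHA256.hexdigest(pass)) ? user : nil
end

# Returns the HTTP status for one request against one take.
def authorize(method:, take_id:, headers: {})
  take = TAKES[take_id]
  user = basic_user(headers['Authorization'])
  return 200 if user && take   # authenticated: the existing access rules apply
  return 404 if user           # authenticated, but no such take
  # Anonymous: only safe reads of rows whose public flag is set.
  return 200 if take && take[:public] && %w[GET HEAD].include?(method)
  401                          # private, missing or mutating: must log in
end
```

Anonymous requests for a missing take get the same 401 as a private one, so the response does not reveal which ids exist.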