search

powerhouse-inc / switchboard

Open-source API over the document model made to be developer- and analyst-friendly
https://switchboard-boilerplate.vercel.app
GNU Affero General Public License v3.0
3 stars 3 forks source link

API tokens & Ethereum sign in for Switchboard #264

Open CallmeT-ty opened 1 month ago

CallmeT-ty commented 1 month ago

use the etheruem login and api tokens to protect routes. imo it makes sense to introduce a /admin route where only requests from addresses from the env var ADMIN_ETH_ADDRESSES are accepted.

You go to the switchboard frontend, login with your ethereum address and create an API Key. if your ethereum address is listed in the environment variable ADMIN_USERS="0xabc,0xcde" you are allowed to add a drive, delete a drive or update a drive. if not you are not.

you can provide the api key when you are in the graphql explorer. next to the variables you can provide http header. there you add: { Authorization: "Bearer " }

CallmeT-ty commented 1 month ago

Write readme or explainer for API token authorization on switchboard for communication with tech ops

froid1911 commented 3 weeks ago

Peek 2024-08-19 14-28

CallmeT-ty commented 1 week ago

I've briefly documented this here. https://www.notion.so/makerdao-ses/Internal-Documentation-Core-Dev-50bbcde54139452da0549f82531c1c19?pvs=4#5405a089bf4348acb72d5b4d27f77c75