Closed dcastro closed 2 years ago
How do we handle multi-user servers? If there is only one global config, Alice could access Bob's secrets.
That's a very good question - I guess we haven't discussed authorization/authentication at all yet. We should discuss this in Slack with @notgne2, and the grand scheme of things (e.g. how will users authenticate in the frontend?)
Looks like @DK318 already did this in #37, closing this issue.
Nevertheless, a larger discussion still needs to happen.
This issue is blocked by https://github.com/serokell/coffer/pull/37.
Clarification and motivation
Right now the Web API takes a vault token via a header. This is a problem on two levels:
config.toml. The location of the config file should be configurable via a command-line option or an env variable (just like the CLI).
The Web API should take qualified paths. The client can tell the API which backend to connect to by using a qualified path.
Acceptance criteria