Explore authentication options for User CRUD operations

wunderio / wunderhub

A central content repository for the WunderSites.

http://docs.wunderhub.apiary.io/

GNU General Public License v2.0

3 stars 3 forks source link

Explore authentication options for User CRUD operations #65

Open mikebell opened 8 years ago

mikebell commented 8 years ago

Users need to have CRUD (minus D?) operations exposed to an API endpoint.

This needs to be as secure as possible. Drupal 8 currently supports the follwong types of authentication out of the box:

Oauth 1
HTTP Basic Authentication

Are there other modules available to provide authentication providers? Is OA1 or HTTP Basic Auth enough?

mikebell commented 8 years ago

I've explored OAuth a bit more and I'm 99% sure this is the way to go.

My next issue is finding out why simple API calls are being rejected as not authorised. I wonder if this has something to do with OpenID.

mikebell commented 8 years ago

Nope not OpenID, I have a sample site working with Basic Auth though.

mikebell commented 8 years ago

Figured it out and I needed to enable oauth in the Rest UI.

Here is a breif overview of my plans:

Create new API Role
Setup permissions for API Role
- User - Get and Patch (unless someone else wants more)
Configure API endpoints to use OAuth

This is a good start to allowing users to be updated from other systems.

There is an issue with creating new users, they require google sign in, to get around this create a new user using drush and specify the --password flag. The new user will need to be assigned to the API role and then a new consumer key/secret will need to be generated.

mikebell commented 8 years ago

PR for the work - https://github.com/wunderkraut/wunderhub/pull/66