Open echarlie opened 2 years ago
(Okay, technically we've not put any auth into pload yet, but that's because we don't have this.)
An alternative option is implementing an auth proxy across all of our services, but we have some special requirements we'd still need to cover that are still going to likely require custom code in each app, such as assigning role by group. We also want to make sure that we can secure the backend connections to prevent an attacker on the local network from simply injecting an auth header.
That being said, I think taking what we have in Trackman and converting it to a library so it can be more easily reused is going to be the best option.
We've half-reimplemented auth for trackman, wuvt-site, donormotor, pload, and other services. Ideally we'd reduce our code maintenance burden by building a Python library all of these would share.
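
One way to handle the header-injection concern raised in this thread, as an added example that is not Trackman's code or part of the discussion: the backend trusts proxy identity headers only when they carry a valid HMAC made with a secret shared with the proxy, then assigns roles by group. The header names, signing layout, secret and group map are all hypothetical.

```python
import hashlib
import hmac
import time

# Assumptions for illustration only: header names, secret and mapping are constructed.
SECRET = b"constructed-demo-secret"
GROUP_ROLES = {"staff": "admin", "djs": "dj"}
MAX_SKEW = 60  # seconds a signed assertion is accepted, limits replay


def sign(secret, user, groups, ts):
    """HMAC-SHA256 over the identity fields, as the auth proxy would compute it.

    Newline is a safe separator because HTTP header values cannot contain it.
    """
    msg = "\n".join((user, groups, ts)).encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def roles_from_headers(headers, secret, now=None):
    """Return (user, roles) when the proxy signature verifies, otherwise None."""
    now = time.time() if now is None else now
    try:
        user = headers["X-Auth-User"]
        groups = headers["X-Auth-Groups"]
        ts = headers["X-Auth-Timestamp"]
        sig = headers["X-Auth-Signature"]
        age = abs(now - int(ts))
    except (KeyError, ValueError):
        return None  # missing or malformed header: treat as unauthenticated
    if age > MAX_SKEW:
        return None  # stale assertion, possibly replayed
    expected = sign(secret, user, groups, ts)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return None  # header was not produced by the proxy
    roles = {GROUP_ROLES[g] for g in groups.split(",") if g in GROUP_ROLES}
    return user, roles


# Constructed sample requests: one signed by the proxy, one injected without the secret.
TS = "1700000000"
SIGNED = {"X-Auth-User": "alice", "X-Auth-Groups": "staff,listeners",
          "X-Auth-Timestamp": TS,
          "X-Auth-Signature": sign(SECRET, "alice", "staff,listeners", TS)}
INJECTED = {"X-Auth-User": "mallory", "X-Auth-Groups": "staff",
            "X-Auth-Timestamp": TS, "X-Auth-Signature": "00" * 32}
```

A shared library could expose `roles_from_headers` as the single entry point each app calls, so the group-to-role mapping stays per-app configuration while the verification logic is maintained once.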