Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add JWT support for API and Dashboard #984

Merged
merged 86 commits into from
Mar 30, 2022
Merged

Add JWT support for API and Dashboard #984

merged 86 commits into from
Mar 30, 2022

Conversation

samuel-rufi
Copy link
Member

@samuel-rufi samuel-rufi commented Jan 18, 2022
edited
Loading

Generate a JWT token with: cargo release -- jwt-api

Example request for protected /api/v1/tips:

curl -X 'GET' \
  'http://127.0.0.1:14265/api/v1/tips' \
  -H 'accept: application/json' \
  -H 'authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIxMkQzS29vV1BydFg1cE1hYlZuaUJ5ZVo4OXh6OWVnWnhQcTRtNnNHNGV0V1Fwb2pjMkNmIiwic3ViIjoiQmVlIiwiYXVkIjoiYXBpIiwibmJmIjoxNjQ3Mjc2NDUxLCJpYXQiOjE2NDcyNzY0NTF9.WMprcjWTEVrszhfeoCEfg3-0nRRFrnRlUUtVeD78Xqs'

You can protect routes with the node config file. Simply add the route you want to protect to the protectedRoutes array. To make routes public use the publicRoutes array.

@thibault-martinez thibault-martinez added c-feature Category - Feature e-medium Experience - Medium n-all Network - All p-medium Priority - Medium wg-api Working Group - API labels Jan 18, 2022
@samuel-rufi samuel-rufi marked this pull request as ready for review January 25, 2022 15:12
@samuel-rufi samuel-rufi requested a review from Alex6323 as a code owner January 25, 2022 15:12
grtlr
grtlr suggested changes Jan 25, 2022
View reviewed changes
Copy link
Contributor

@grtlr grtlr left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's cool that this adds functionality, but also makes parts of the code easier to read/maintain. 👍

@samuel-rufi samuel-rufi changed the base branch from chrysalis-pt-2 to dev February 2, 2022 14:18
@samuel-rufi
Moving Dashboard auth logic
6987203
@samuel-rufi
Lazy static regex generation; make use of RegexSet; complete permissi…
2e47d38 
…on filter
@samuel-rufi
Merge branch 'dev' of https://github.com/iotaledger/bee into api-jwt
477d6c1 
� Conflicts:
�	bee-api/bee-rest-api/src/endpoints/routes/api/v1/output.rs
@samuel-rufi
Format permission.rs
87c5129
@samuel-rufi
Format output.rs
e55c45d
@samuel-rufi
Remove "extern crate" imports; document JWT Bearer
96fafa5
@samuel-rufi
Base64 decode JWT payload to categorize JWT audience
f806f69
@samuel-rufi
Merge branch 'dev' of https://github.com/iotaledger/bee into api-jwt
c8fee98
@samuel-rufi
Format jwt_api.rs
b8f9ffe
@samuel-rufi
Merge branch 'dev' of https://github.com/iotaledger/bee into api-jwt
a6178fa 
� Conflicts:
�	bee-api/bee-rest-api/src/endpoints/mod.rs
�	bee-node/src/fullnode/builder.rs
@samuel-rufi
Read JWT payload to find out how to validate it correctly
208f6a5
@samuel-rufi
Pass dashboard username
45585b6
@samuel-rufi samuel-rufi requested review from pvdrz and grtlr March 28, 2022 15:10
grtlr
grtlr previously approved these changes Mar 29, 2022
View reviewed changes
Alex6323
Alex6323 previously approved these changes Mar 29, 2022
View reviewed changes
@samuel-rufi samuel-rufi dismissed stale reviews from Alex6323 and grtlr via 050c48e March 29, 2022 14:54
Alex6323
Alex6323 previously approved these changes Mar 29, 2022
View reviewed changes
grtlr
grtlr previously approved these changes Mar 29, 2022
View reviewed changes
pvdrz
pvdrz previously approved these changes Mar 29, 2022
View reviewed changes
@thibault-martinez thibault-martinez dismissed stale reviews from pvdrz, grtlr, and Alex6323 via 7c3c359 March 30, 2022 08:54
grtlr
grtlr previously approved these changes Mar 30, 2022
View reviewed changes
@samuel-rufi
Merge branch 'mainnet-develop-0.4' of https://github.com/iotaledger/bee
31a4be2 
… into api-jwt

� Conflicts:
�	bee-node/bee-node/config.chrysalis-comnet.json
�	bee-node/bee-node/config.chrysalis-comnet.toml
@samuel-rufi
Merge remote-tracking branch 'origin/api-jwt' into api-jwt
4efc53c
@grtlr grtlr merged commit 325b85c into iotaledger:mainnet-develop-0.4 Mar 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grtlr grtlr grtlr approved these changes

@pvdrz pvdrz pvdrz approved these changes

@Adam-Gleave Adam-Gleave Awaiting requested review from Adam-Gleave

@Alex6323 Alex6323 Awaiting requested review from Alex6323

@thibault-martinez thibault-martinez Awaiting requested review from thibault-martinez

Assignees
No one assigned
Labels
c-feature Category - Feature e-medium Experience - Medium n-all Network - All p-medium Priority - Medium wg-api Working Group - API
Projects
None yet
Milestone
v0.4
Development

Successfully merging this pull request may close these issues.
6 participants
@samuel-rufi @thibault-martinez @grtlr @Adam-Gleave @pvdrz @Alex6323