-
-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for AuthSession cookie #617
Conversation
Related to #582 @dianabarsan Can you please have a look at this when you get a chance? How does this work with the pouchdb cookie auth plugin I wonder... |
Ah, the session is passed as an argument to the code? I suppose we could have a version of the plugin that can get a session cookie as a parameter when creating the database and have it use that cookie throughout. |
Yeah I made that mistake on my first read through too!
Yes I think that makes sense... if you have a session token passed in, use that, otherwise use the basic auth. |
Yea, the intent of the plugin is to not need to add custom code to handle sessions everywhere. So it'd be pretty counterproductive to have each repo have its custom implementation. @paulpascal can we sync on what is the need here and how can we use https://github.com/medic/pouchdb-session-authentication , which we intend to support, maintain and eventually integrate into PouchDb core? |
Thanks @garethbowen and @dianabarsan for looking into this. @dianabarsan sure we can sync on that 👌. |
1ba61fc
to
6b6cdd3
Compare
f797d41
to
9376f33
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this looks great!
However I think we should have some e2e tests that check that cht-conf works correctly when a session token is passed. The tests should cover api requests and pouchdb requests.
Sure, let me add that 👍 |
bf9ad2c
to
bac0035
Compare
bac0035
to
9e45f2f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very very nice! Very high quality, I am so happy when I see PRs like this.
I have just some really minor comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Loving this!
.to.be.rejected | ||
.and.eventually.have.property('message') | ||
// Bad Request: Malformed AuthSession cookie | ||
.that.contains('INFO Error: Received error code 400'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
<3
Thanks @dianabarsan ! |
🎉 This PR is included in version 3.23.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Description
This PR introduces support for a session token-based authentication mechanism in
cht-conf
, supporting the User Management Tool's cloud-based move-contact execution feature.Key changes
New command argument: Added support for new cmdArgs,
session-token
, allowing API requests and database operations to use a session cookie (if provided) for authentication instead of the regular basic authentication.API requests: Updated API request functions to include the session token in the request headers if provided.
Database Authentication: Updated the db connection setup to utilize the session token for authentication using pouchdb-session-authentication plugin.
Note
With these changes, the User Management Tool can rely on a worker to run the
cht
commands in a child process, passing along the sessionToken obtained initially from the_session
request.Please find more details here: PR, issue.