Maniphest T4574

Add token based authentication to GraphQL API
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	jestabro
	Jul 28 2022, 1:47 PM

Tags

Referenced Files

None

Subscribers

Active contributors

Description

Standard practice for a GraphQL APi is to use token-based authentication, commonly using JWT (JSON web tokens: https://jwt.io/). This would be implemented as part of the 'business logic', replacing, or complimenting, the key-based authentication which, by contrast, adds a field to the schema. The library PyJWT provides the needed support to easily add token-based authentication; it can be extended to token-based authorization should roles be defined in the future. There are several simple design questions to be discussed, and conclusions will be summarized here.

Details

Difficulty level: Unknown (require assessment)
Version: vyos-1.4
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Perfectly compatible
Issue type: Feature (new functionality)

Related Objects

Mentioned In: T4753: Extend automatic generation of schema to query SystemStatus
T4749: Use config_dict for conf_mode http-api.py

Event Timeline

jestabro triaged this task as Normal priority.Jul 28 2022, 1:47 PM

jestabro created this task.

jestabro created this object in space S1 VyOS Public.

pasik added a subscriber: pasik.Jul 28 2022, 4:58 PM

jestabro mentioned this in T4749: Use config_dict for conf_mode http-api.py.Oct 13 2022, 8:21 PM

jestabro mentioned this in T4753: Extend automatic generation of schema to query SystemStatus.Oct 16 2022, 7:24 PM

PR:
https://github.com/vyos/vyos-1x/pull/1613

jestabro closed this task as Resolved.Oct 25 2022, 5:09 PM

jestabro moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.