Add more authentication methods #103
Conversation
| @@ -159,6 +161,20 @@ def ui_get_build(build_id): | |||
| return render_template("build.html", **context) | |||
|
|
|||
|
|
|||
| @app_ui.route("/user/", methods=["GET"]) | |||
| def ui_get_user(): | |||
There was a problem hiding this comment.
Ahh. I think you are thinking of this differently. Github has a route that should be called within the callback_url method https://api.github.com/user to get the username and organizations that the user is a member of.
There was a problem hiding this comment.
And conda-store shouldn't keep any information about the user. I'm saying this because every authentication provider is a bit different and may not provide an email/username etc. Additionally not everything logged into conda-store is a user. Often times it will be a service that has authenticated via a conda-store token. So conda-store should only be concerned about storing the authorization that the given authenticated user has (unless we want to handle to complexity of is this a user or a service etc. which I think is unneeded).
There was a problem hiding this comment.
I am doing that here and then saving the user data as json cookie. I didn't get the organizations yet to save a query and because I want to know how generic this needs to be (organizations might be GH-specific).
| conda_store = get_conda_store() | ||
| auth = get_auth() | ||
|
|
||
| # TODO: how does authorization work? |
There was a problem hiding this comment.
@costrouc Any idea how to manage this here? I couldn't get this bit to work 😬
costrouc
force-pushed
the
auth
branch
2 times, most recently
from
e3829cd
to
9dc89cf
Compare
Closes #101