Zh/proxmox client api token authentication #62
Conversation
|
did you consider what we need to do to update our API calls? |
|
Yes, so setting a token to client.ApiToken sets the HTTP Authentication header to the value provided, and each API request is made through that. |
|
And that has been tested that it will work on your end, correct? |
|
Yes, I tested in my local proxmox host, it creates the token and sets the header with it. |
|
Cool just making sure. What part of this do you still need to do? |
|
Need to make sure to get rid of the ticket based authentication properly, which is produced by username/password |
|
@jasekiw Could you look at this? |
I talked to zaid after the call and told him how to fix the issue here with the null reference exception. I'll take a look after he fixes that. |
@jasekiw I pushed the changes, sorry forgot to do so the other night. I still need to make some changes before your review. I'll try to update soon. |
|
Kudos, SonarCloud Quality Gate passed!
|
| Value = apiKey.Response.data.value | ||
| }; | ||
| } | ||
|
|
||
| public async Task<TicketResponse> GetTicket(int vmId) |
There was a problem hiding this comment.
@jasekiw Using API tokens gets rid of the need to log in to the proxmox API with username and password. The Login method we use logs in and generates a ticket, which is used to authenticate noVNC in cslabs-webapp/src/api/rfb.ts. Since API tokens will remove the need for log in, a ticket will not be generated to authenticate to noVNC, and I am receiving a 401 unauthorized if I do so. Reference to the proxmox API here. I may have missed something, I am not sure what we can do or maybe there is another way?
There was a problem hiding this comment.
@zkhussain Is there a time you are available to go through this via zoom? I would like you to demonstrate the issue for me if you can.
There was a problem hiding this comment.
Yes, evening times work best. Tomorrow after the meeting?
No description provided.