add rattler_auth to authenticate requests #191
Conversation
|
@baszalmstra unfortunately I had to make two functions, one for Apart from that it works like a charm :) |
There was a problem hiding this comment.
Nice work!
Some comments:
-
authentication is currently a singleton and it cant be turned on or off. I dont like how intransparent, uncontrollable and potentially thread unsafe it is. It would be nice if you pass in an object for authentication. There you could also specify the key for the keychain for instance. Authentication::from_keychain would be nice to have!
-
Please dont use unwrap in library code unless you are sure the code cannot fail. And even then, please add a comment and/or use expect.
There was a problem hiding this comment.
This looks pretty close to done to me! A note:
- Since you can only really use an
AuthenticatedClientand there is noUnauthenticatedClientmaybe we can just call itClient? - I think by
Defaultthe "client" should be unauthenticated unless you initialize it with credentials. See my other comment. - It would be very nice if there is also a
From<reqwest::Client>implementation. That way the library remains super simple to use with just reqwest. - Random thought: If there is direct conversion from
reqwest::Clienttorattler_networking::Clientwe can useimpl Into<rattler_networking::Client>as an argument where authentication is required. That way people can keep using thereqwest::Clienttoo.
|
The idea of having a default key is that multiple tools could share the same namespace for credentials (eg rattler-build and px are both logged in to the same sites). |
|
I think thats dangerous behavior because if you set certain (invalid) credentials it affects all programs that use the default behavior. Its worst kind of a global variable you can have.. To me its also not logical that if you would do ‘px login’ it also works with ‘rattler-build publish’ (or whatever). Id much rather have a seperate ‘rattler-build login’. Ever more so as this is a library, I think we should allow users to opt-in by specifying the same key. It should not be the default behavior. |
|
Hmm but for each channel you want to use with rattler build (not for publishing, just for pulling packages from) you'd need to re-login. A lot of programs use global configurations for credentials (eg netrc files) or global proxy configurations (HTTP_PROXY environment variable etc). One can also easily opt out of the global sharing by using a different key. I think it would be pretty nice if px and rattler build share the credentials (which we can achieve either way). |
|
just for the record, I am working on a keyring-rs compatible fallback storage that saves the authentication to a file in the It's a bit challenging because of multi-threading and file locking but hopefully can get it done soon. |
crates/rattler_networking/src/authentication_storage/storage.rs
Outdated
Show resolved
Hide resolved
wolfv
force-pushed
the
authenticated_requests
branch
from
41d105e to
cb05a51
Compare
wolfv
force-pushed
the
authenticated_requests
branch
from
cb05a51 to
92061b2
Compare
No description provided.