Skip to content

Add restricted bucket token auth

Max B requested to merge maxb/token-spike into main

This is a first pass at adding the ability to restrict access to "buckets" of resources via an auth token header.

This adds a storage layer with sqlite. There's currently no functionality for adding access tokens through the codebase so they have to be manually added via the sqlite command line.

It is backwards compatible because resources without a "bucket" tag are considered public so there should be no change in functionality for deployments.

Remaining to-dos (which might or might not block merging this particular MR):

  • Updating README
  • Adding an endpoint or command line script for adding auth tokens
  • Figuring out how resources would be assigned buckets from the deployment (lilypad->menshen) pipeline
  • ????
  • profit
Edited by Max B

Merge request reports