Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add dj-rest-auth #4187

Merged
merged 34 commits into from
Jun 20, 2023
Merged

Add dj-rest-auth #4187

merged 34 commits into from
Jun 20, 2023

Conversation

matmair
Copy link
Member

@matmair matmair commented Jan 9, 2023
edited
Loading

This PR:

  • Adds various endpoints to use the currently available auth/registering functions via the API
  • Adds JWT as an auth method (simpler to use in SPA - related to Epic: React #3901)

TODO:

  • test registering endpoint
  • add social connect endpoints
  • security review?
  • extend docs

Fixes #3978

@matmair
Add dj-rest-auth
e32e5ba 
[FR] User registration via API
Fixes inventree#3978
@matmair matmair added api Relates to the API security Relates to a security issue labels Jan 9, 2023
@matmair matmair added this to the 0.10.0 milestone Jan 9, 2023
@matmair matmair self-assigned this Jan 9, 2023
@SchrodingersGat
Copy link
Member

Does this work with existing SSO solutions?

@matmair
Copy link
Member Author

matmair commented Jan 9, 2023

@SchrodingersGat that is still TODO

@SchrodingersGat SchrodingersGat modified the milestones: 0.10.0, 0.11.0 Feb 2, 2023
@SchrodingersGat SchrodingersGat modified the milestones: 0.11.0, 1.0.0 Apr 12, 2023
@matmair
Copy link
Member Author

matmair commented Jun 8, 2023

@SchrodingersGat do we want to continue supporting all social connection options with #3901 or should we cut down the options for the first version?

@SchrodingersGat
Copy link
Member

By "cut down" do you mean still supporting key ones (e.g. google / microsoft)?

@matmair
Copy link
Member Author

matmair commented Jun 15, 2023
edited
Loading

@SchrodingersGat it took a bit but it seems like we can maintain support for almost all providers (all that support OAuth2).

Exceptions are (updated 2310 CEST):

Found handler that is not yet ready for platform UI: `draugiem`
Found handler that is not yet ready for platform UI: `evernote`
Found handler that is not yet ready for platform UI: `500px`
Found handler that is not yet ready for platform UI: `flickr`
Found handler that is not yet ready for platform UI: `openstreetmap`
Found handler that is not yet ready for platform UI: `persona`
Found handler that is not yet ready for platform UI: `pocket`
Found handler that is not yet ready for platform UI: `steam`
Found handler that is not yet ready for platform UI: `telegram`
Found handler that is not yet ready for platform UI: `trello`
Found handler that is not yet ready for platform UI: `tumblr`
Found handler that is not yet ready for platform UI: `xing

I will work on adding support for Keycloak, OpenId and Twitter. Are you ok with waiting for FRs for the rest?

@matmair
Copy link
Member Author

matmair commented Jun 15, 2023

Ok, I have to revise that; there is a Twitter OAuth2 and OIDC endpoint; I added keycloak so it should be good to go.
The only thing missing is an endpoint to get all available providers and a few small refactors.

@matmair matmair marked this pull request as ready for review June 15, 2023 23:16
@SchrodingersGat
Copy link
Member

I will work on adding support for Keycloak, OpenId and Twitter. Are you ok with waiting for FRs for the rest?

Absolutely - I don't think it makes sense to spend a bunch of effort for integrations that may never actually be used.

@SchrodingersGat
Copy link
Member

Does this replace our existing SSO login views completely?

@matmair
Copy link
Member Author

matmair commented Jun 16, 2023

No, it just exposes them in another way. Under the hood the same functional code is used.

@matmair matmair modified the milestones: 1.0.0, 0.12.0 Jun 20, 2023
@matmair
Copy link
Member Author

matmair commented Jun 20, 2023

Closes #3978

@SchrodingersGat
Copy link
Member

SchrodingersGat commented Jun 20, 2023
edited
Loading

@matmair ready for merge? Does this need any additional docs?

@matmair
Copy link
Member Author

matmair commented Jun 20, 2023
edited
Loading

@SchrodingersGat I got it to a point where the settings do not need to change so no new docs needed.

@SchrodingersGat SchrodingersGat merged commit b700b44 into inventree:master Jun 20, 2023
@SchrodingersGat
Copy link
Member

Well, great! Thanks :)

@matmair matmair deleted the matmair/issue3978 branch June 20, 2023 06:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SchrodingersGat SchrodingersGat Awaiting requested review from SchrodingersGat SchrodingersGat is a code owner

Assignees

@matmair matmair

Labels
api Relates to the API security Relates to a security issue
Projects
None yet
Milestone
0.12.0
Development

Successfully merging this pull request may close these issues.

[FR] User registration via API
2 participants
@matmair @SchrodingersGat