New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GET /api/v3_0/assets/public should ask for token authentication #649
Conversation
… to be used via JSON Signed-off-by: Nicolas Höning <nicolas@seita.nl>
Does this require a changelof entry? |
Pull Request Test Coverage Report for Build 4807223105
💛 - Coveralls |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. I checked if the frontend has any dependencies on this that require changes but I believe it doesn't. Everything also still works.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A big UX difference between using those decorators is that @login_required
leads to forwarding the agent to the login page, whereas @auth_token_required
leads to returning a "unauthenticated" JSON message. In other words, I would classify this as a bug, and would recommend adding a changelog entry.
Idea for letting all API views subclass
|
Signed-off-by: Nicolas Höning <nicolas@seita.nl>
Nice. But this further entrenches the use of Flask-Classful. On the PR there which blocks us, people are asking officially if the project is abandoned. |
... as it's meant to be used via JSON