You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The recent #12 implemented the Spaces domain and the first routes on CLI and SDK. It also contains the first steps on authenticated requests to the API server using the API token. While that does correspond to the expected behavior on the backend, the user layers are currently unfinished, as there is a need for an authentication route responsible for authenticating the user and generating the necessary API token (as an access token).
The text was updated successfully, but these errors were encountered:
Title: Update Authentication Logic for CLI and SDK
Description:
The goal of this issue is to improve the user experience by updating the authentication logic for CLI and SDK use, with a focus on CLI use.
Requirements:
On the every execution of CLI, the application should check for the presence of credentials on the user's machine.
Credentials should be stored in a ~/.naas directory in the user's home directory.
Within the .naas directory, there should be a credential file containing a long-lived access token.
If the credential file is not present or it is empty, the application should:
Start a new thread
Initiate a built-in Python HTTP server on this thread
This server should listen on a specific port and respond to POST and OPTION queries.
Upon starting the thread, the application should open the user's default browser and direct it to https://naas.ai?cli_token=generate_token.
Upon successful login, the application should post the access token to localhost on the custom port.
The server should respond to OPTION queries with the appropriate 'Access-Control-Allow-Origin' headers to prevent CORS issues.
Upon receiving the POST query, the body should contain a dictionary with an access_token key with the value being the actual access token from the naas.ai website.
This short-lived token should then be traded on auth.naas.ai/bearer/workspace/longlived for a long-lived token.
The long-lived token should then be stored in the .naas/credentials file in the user's home directory.
In the main thread of the CLI, the application should watch for the creation and population of the credentials file.
Once the credentials file is populated, the application should attempt to use the token against auth.naas.ai/users/me.
Upon receiving a successful response (HTTP 200), the application should notify the user that the CLI is properly configured and that they are authenticated.
The overall aim is to streamline the authentication process, providing a better user experience when using the CLI and other tools.
The recent #12 implemented the Spaces domain and the first routes on CLI and SDK. It also contains the first steps on authenticated requests to the API server using the API token. While that does correspond to the expected behavior on the backend, the user layers are currently unfinished, as there is a need for an authentication route responsible for authenticating the user and generating the necessary API token (as an access token).
The text was updated successfully, but these errors were encountered: