Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth0 support #595

Open
avelino opened this issue Aug 31, 2021 · 4 comments
Open

auth0 support #595

avelino opened this issue Aug 31, 2021 · 4 comments
Labels
enhancement feature/auth product/api-server REST API Server

Comments

@avelino
Copy link
Member

avelino commented Aug 31, 2021

Is your feature request related to a problem? Please describe.
pREST Authentication System (we generate jwt) with @auth0 support

Describe the solution you'd like
I don't have a defined architecture, need to think about how to keep the support for authentication and existing more auth0 (not to replace but to add), parameterizable via configuration file.

auth0 package for go: https://auth0.com/docs/quickstart/backend/golang

implementation of the prest authentication endpoint:

prest/controllers/auth.go

Lines 60 to 100 in 47c0164

func Auth(w http.ResponseWriter, r *http.Request) {
login := Login{}
switch config.PrestConf.AuthType {
// TODO: form support
case "body":
// to use body field authentication
dec := json.NewDecoder(r.Body)
dec.DisallowUnknownFields()
dec.Decode(&login)
break
case "basic":
// to use http basic authentication
var ok bool
login.Username, login.Password, ok = r.BasicAuth()
if !ok {
http.Error(w, unf, http.StatusBadRequest)
return
}
break
}
loggedUser, err := basicPasswordCheck(strings.ToLower(login.Username), login.Password)
if err != nil {
http.Error(w, err.Error(), http.StatusUnauthorized)
return
}
token, err := Token(loggedUser)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
resp := Response{
LoggedUser: loggedUser,
Token: token,
}
err = json.NewEncoder(w).Encode(resp)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}

Additional context
today we support authentication only via sql query (in existing tables or in the prest itself), but thinking about covering other forms of authentication, auth0 is a great alternative
@george-silva
Copy link

Hello all! First: Great product! Running smoothly on AWS ECS, deployed with AWS Copilot!

Chiming in here as I'm starting a new project with pREST and auth0. The integration would be very beneficial. Not only auth0 can support users with JWT tokens, but also machine-to-machine authentication (which is what I'm interested in).

@avelino
Copy link
Member Author

avelino commented Dec 16, 2021

@george-silva would you have interest and time to contribute to this auth0 implementation?

@george-silva
Copy link

@avelino interest to contribute yes! But I hardly read/write go. As much as I'd like to step in and help, I think it will take me a long time to do it. I can help in testing, validating and documenting it.

@leonardorifeli
Copy link

@avelino I have interest and time to contribute to this implementation.
Can I get it?
We use auth0 on our main platform (harmo.me)

@leonardorifeli leonardorifeli mentioned this issue May 17, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement feature/auth product/api-server REST API Server
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@avelino @george-silva @leonardorifeli