Story #2358
As a user, I can authenticate with username and password stored in Pulp
100%
Description
Configure Pulp so that:
- Basic Auth (with credentials stored in Pulp) works against any protected API endpoint
- only authenticated users have access to the API
(use permissions available in DRF out-of-the-box we do not want permissions to be more granular for MVP)
Related issues
Associated revisions
Revision 7ae3e451
View on GitHub
Adds authentication to the REST API
All API views now require authentication. The password for the 'admin' user can now be set using the 'reset-admin-password' django management command. The new command takes an optional '--random' argument.
History
#1
Updated by ttereshc over 5 years ago
- Blocked by Task #2243: Create custom django User model added
#2
Updated by ttereshc over 5 years ago
- Blocks Story #2359: As a user, I can use JWT tokens for authenticaton added
#3
Updated by ttereshc over 5 years ago
- Related to Task #2090: Create a plan for user/auth in 3.0 added
#4
Updated by mhrivnak over 5 years ago
- Description updated (diff)
#5
Updated by mhrivnak about 5 years ago
- Description updated (diff)
- Groomed changed from No to Yes
- Sprint Candidate changed from No to Yes
#6
Updated by mhrivnak about 5 years ago
- Sprint/Milestone set to 29
#7
Updated by dkliban@redhat.com about 5 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to dkliban@redhat.com
#8
Updated by dkliban@redhat.com about 5 years ago
As part of this story, I am also adding a new management command called 'reset-admin-password'. This command will be invoked in the following way:
python manage.py reset-admin-password
Afterwards, the user will be prompted to enter a new password for the 'admin' user of Pulp.
Another way to invoke the command would be with '--random' argument. This would generate a random password for the user 'admin' and then output to stdout.
Our dev setup script could ask the developer to enter a password for 'admin' user. The spec file for the RPM could use this command to create 'admin' user with a random password.
#9
Updated by dkliban@redhat.com about 5 years ago
- Status changed from ASSIGNED to POST
#10
Updated by dkliban@redhat.com about 5 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulp|7ae3e4511a32dc2d0cf86bfeaf1a1aaa97af517d.
#11
Updated by bmbouter almost 4 years ago
- Sprint set to Sprint 11
#12
Updated by bmbouter almost 4 years ago
- Sprint/Milestone deleted (
29)
#13
Updated by daviddavis almost 3 years ago
- Sprint/Milestone set to 3.0.0
#14
Updated by bmbouter almost 3 years ago
- Tags deleted (
Pulp 3)
#15
Updated by bmbouter about 2 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
Adds authentication to the REST API
All API views now require authentication. The password for the 'admin' user can now be set using the 'reset-admin-password' django management command. The new command takes an optional '--random' argument.
closes #2358 https://pulp.plan.io/issues/2358