Story #8951
closed
Add authentication to content app
100%
Description
A user from AAH wants to be able to log who is downloading from the content app (https://issues.redhat.com/browse/AAH-643), so having authentication will be needed. Requests can be authenticated through middleware (https://docs.aiohttp.org/en/stable/web_advanced.html#middlewares) that will run the same auth methods used by the DRF views. The middleware could be configured by a new setting so users could turn it off. If a request fails authentication they will be marked as an AnonymousUser, but still allowed to download content. The RBAC content guard would use the authentication from this middleware to determine if the user has permission to download or not.
Related issues
Updated by gerrod over 3 years ago
- Related to Story #8940: Add RBAC content guard to pulpcore added
Updated by pulpbot over 3 years ago
- Status changed from NEW to POST
Updated by pulpbot over 3 years ago
Added by gerrod about 3 years ago
Updated by gerrod about 3 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulpcore|3e80f006f9afa3a2227637040b2d4b2a1990a308.
Updated by pulpbot about 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
Add authentication to content app
fixes: #8951 https://pulp.plan.io/issues/8951