Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable a token based auth for the mobile app #1204

Closed
Tracked by #5523
teolemon opened this issue Apr 30, 2018 · 3 comments
Closed
Tracked by #5523

Enable a token based auth for the mobile app #1204

teolemon opened this issue Apr 30, 2018 · 3 comments
Assignees
@hangy
Labels
🔐 API auth The API requires auth in order to perform editing.There is a common mechanism & a Robotoff mechanism API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…) help wanted 🎯 P1 security

Comments

@teolemon
Copy link
Member

teolemon commented Apr 30, 2018
edited
Loading

What

  • Enable a token based auth for the mobile app so that we don't have to store the password on the mobile devices and send them everytime.

Part of
@hangy
Copy link
Member

hangy commented May 1, 2018

As you may have noticed, I had started something like that in the OpenID Connect branch. For some reason, though, Perl always SEGFAULTs in one of the used Perl modules. It should be easy to finish this if anyone has an idea how to fix those Perl modules. 👍

@hangy hangy mentioned this issue May 7, 2018
Open
@teolemon teolemon added the API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…) label May 19, 2018
@teolemon teolemon added 🔐 API auth The API requires auth in order to perform editing.There is a common mechanism & a Robotoff mechanism and removed API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…) labels May 27, 2018
@hangy hangy mentioned this issue Jun 5, 2018
Closed
@hangy
Copy link
Member

hangy commented Dec 17, 2018

I revisited this idea last weekend. Instead of re-implementing OIDC (as there seems to no good OIDC Identity Provider library for Perl - and is out of scope for this project), we could integrate hydra with ProductOpener to get a verified OIDC IdP, and see whether the APIs users can be verified using Crypt::JWT.

@hangy hangy mentioned this issue Dec 30, 2018
Open
@hangy hangy mentioned this issue Mar 17, 2019
Closed
@hangy hangy self-assigned this Mar 17, 2019
@hangy hangy added the security label Jun 23, 2019
@hangy hangy mentioned this issue Nov 30, 2019
Merged
@teolemon teolemon added the API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…) label Aug 21, 2021
@teolemon teolemon mentioned this issue Aug 21, 2021
Open
@VaiTon VaiTon mentioned this issue Jul 5, 2023
Open
1 task
@hangy hangy mentioned this issue Nov 6, 2023
Open
28 tasks
@hangy
Copy link
Member

hangy commented Sep 8, 2024

Closing as a duplicate of #1596

@hangy hangy closed this as not planned Won't fix, can't repro, duplicate, stale Sep 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hangy hangy

Labels
🔐 API auth The API requires auth in order to perform editing.There is a common mechanism & a Robotoff mechanism API Issues related to the Open Food Facts API. More specific labels exist & should be used (API WRITE…) help wanted 🎯 P1 security
Projects
Revamping auth across Open Food Facts
Status: Done
🍊 Open Food Facts Server issues
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add ORY Hydra based login hangy/openfoodfacts-server
2 participants
@hangy @teolemon