Skip to content

Basic Authentication for Porter#2726

Merged
KPrasch merged 5 commits intonucypher:porterfrom
derekpierre:basic-basic-auth
Jun 25, 2021
Merged

Basic Authentication for Porter#2726
KPrasch merged 5 commits intonucypher:porterfrom
derekpierre:basic-basic-auth

Conversation

@derekpierre
Copy link
Copy Markdown
Member

@derekpierre derekpierre commented Jun 21, 2021

Type of PR:

  • Bugfix
  • Feature
  • Documentation
  • Other

Required reviews:

  • 1
  • 2
  • 3

What this does:
Based over #2724 .

Allows Porter to facilitate Basic Authentication over HTTPS based on a provided htpasswd file via --basic-auth-filepath. Updated Docker/docker-compose files accordingly.

Issues fixed/closed:
Fixes #2706 - does it fully "fix" it? perhaps for now unless users decide they want something more robust. However, this is a good starting point.

Why it's needed:
User authentication in some form will be needed if Porter is to be used as a public service.

@derekpierre derekpierre added Security Security concern Web Webpages labels Jun 21, 2021
@derekpierre derekpierre added this to the Porter v1 (MVP) milestone Jun 21, 2021
@derekpierre derekpierre self-assigned this Jun 21, 2021
@derekpierre derekpierre mentioned this pull request Jun 21, 2021
Merged
@vepkenez
Copy link
Copy Markdown
Contributor

vepkenez commented Jun 21, 2021

I am thinking that a very common use case for Porter will require CORS "allow-origin" style access control. Essentially the ability to whitelist domains that requests are allowed to come from.

Similar to how Infura's "Allowlist Origins" work.
Screen Shot 2021-06-21 at 13 39 46

So people will be able to make websites and run a porter server to service them.

I guess this would be doable through an nginx proxy.
Maybe Hendrix/Twisted has some facility for this as well.

Have we talked about all this?

@derekpierre
Copy link
Copy Markdown
Member Author

derekpierre commented Jun 22, 2021

I guess this would be doable through an nginx proxy.
Maybe Hendrix/Twisted has some facility for this as well.
Have we talked about all this?

@vepkenez the question becomes what do we provide out of the box vs what do we leave for people who intend to run Porter to customize for their own needs. As you mentioned, some of the more intricate functionality can be obtained via nginx proxy sitting in front of Porter, so we should think of where to draw the line.

Let's chat more tomorrow.

@derekpierre derekpierre linked an issue Jun 23, 2021 that may be closed by this pull request
Porter Authentication #2706
Closed
@derekpierre derekpierre mentioned this pull request Jun 24, 2021
Merged
7 tasks
@KPrasch KPrasch merged commit ac5442e into nucypher:porter Jun 25, 2021
@derekpierre derekpierre linked an issue Jun 25, 2021 that may be closed by this pull request
Containerization/Deployment of Porter #2669
Closed
This was referenced Jun 25, 2021
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@KPrasch KPrasch KPrasch approved these changes

@cygnusv cygnusv Awaiting requested review from cygnusv

@piotr-roslaniec piotr-roslaniec Awaiting requested review from piotr-roslaniec

+1 more reviewer

@vepkenez vepkenez vepkenez approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@derekpierre derekpierre

Labels

Security Security concern Web Webpages

Projects

None yet

Milestone

Porter v1 (MVP)

Development

Successfully merging this pull request may close these issues.

Porter Authentication Containerization/Deployment of Porter

3 participants

@derekpierre @vepkenez @KPrasch