You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All CREATE/UPDATE/DESTROY operations in the YACS API will be secured with an API key. Ultimately, we would like a have a full user and login system not just for admins, but for students as well. In order to push the admin panel out faster, we may want to just give it a single API key (stored on the environment) and lock down the entire site with a single set of credentials using HTTP basic auth. The built in support for this would make this trivial to implement. We can then release the admin panel before the login system is complete, and switch to the true authentication system once it is complete.
TL;DR - For now we probably just want HTTP basic auth with credentials and api key stored in the environment.
We should get more of the basic functionality done before this is implemented, though.
The text was updated successfully, but these errors were encountered:
All CREATE/UPDATE/DESTROY operations in the YACS API will be secured with an API key. Ultimately, we would like a have a full user and login system not just for admins, but for students as well. In order to push the admin panel out faster, we may want to just give it a single API key (stored on the environment) and lock down the entire site with a single set of credentials using HTTP basic auth. The built in support for this would make this trivial to implement. We can then release the admin panel before the login system is complete, and switch to the true authentication system once it is complete.
TL;DR - For now we probably just want HTTP basic auth with credentials and api key stored in the environment.
We should get more of the basic functionality done before this is implemented, though.
The text was updated successfully, but these errors were encountered: