-
-
Notifications
You must be signed in to change notification settings - Fork 218
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Jwt #190
base: main
Are you sure you want to change the base?
Jwt #190
Conversation
…anges in the code run with new versions.
… Result" from github actions (clippy).
….yml and other config to enable or disable jwt...and tests.
… (it is annoying...but it is ok).
…t from arg or config file.
Codecov Report
@@ Coverage Diff @@
## master #190 +/- ##
==========================================
- Coverage 41.14% 40.20% -0.94%
==========================================
Files 13 13
Lines 1541 1577 +36
==========================================
Hits 634 634
- Misses 907 943 +36
Continue to review full report at Codecov.
|
Hi @mdtrooper! This looks promising, but having read the code I believe it only supports authentication via token validation. Could we extend this solution to support authorization via claim values? My use case is to carry user's id or role in JWT claims in order to use these values to filter results. |
@mdtrooper @PawelBaranowski this PR has been open for a while, but sadly has not received any attention. It seems fairly straightforward. Can we resume the discussion about this, maybe as part of an issue, to decide if 1) is this still relevant/needed, 2) how would we automate testing for this as part of CI |
@nyurik TBH I'm (sadly) no longer an active user of Martin. Also, Rust is not my world, so I'll probably be of little help here. |
But...one question. Martin was a project for a company. Urbica o Yandex? |
Hi @mdtrooper 👋 Martin was created by Urbica. |
Hello, any updates on this? |
@lefuturiste I would be OK to merge it if this PR would be updated and include unit or integration tests and some rudimentary docs. I have no knowledge of JWT, so I cannot really gauge how this would be used or tested, but if someone puts in the efforts to add support for it (and also clearly explains why it is needed), I'm all for it. |
Okay fair enough, it need docs and tests. May be I can take a look, in my current use of martin, we would use it behind a nginx server with a JWT module so idk. But in anycase some sort of JWT should be implemented at the app level. |
Yes.
The JWT is coded into Martin. And it is runs fine.
Regards 🍻 .