Hi, Zhiyuan, If everything goes well, we will have our User Management including sign in and register through OAuth by the end of the GSoC period. I have an active proposal on that idea. Feel free to check it out :)
Regarding the options that JunXu has provided, I think option 2 has more flexibility. We can let the user choose between HTTP or HTTPS(certfile and keyfile) through command-line flags. Thanks. On Sat, 10 Apr 2021 at 19:06, Zhiyuan Ju <[email protected]> wrote: > Not sure if users will expose ManagerAPI directly. I think no, because this > OSS doesn’t have features on User Management, so why not put it back the > Apache APISIX? And integrate with custom user management with OAuth, etc. > > Of course this feature is good to include, but not urgent IMO. > > > > JunXu Chen <[email protected]>于2021年4月10日 周六下午8:58写道: > > > Hi, Community, > > > > Now APISIX Dashboard does not support HTTPS access, which is not safe and > > easy to be hijacked and sniffed. > > > > We should support HTTPS access. We have two options to support HTTPS. > > > > Option 1 > > Use APISIX to proxy Dashboard, and APISIX provides HTTPS support. > > Generally, people will not directly expose Dashboard to the Internet, and > > it is natural to use APISIX to proxy. And in this option, Dashboard does > > not need to be changed. > > > > Option 2 > > The Dashboard Manager API directly supports HTTPS. > > The advantage of this is that it can also support HTTPS without using > > APISIX or other servers to proxy Dashboard. And people can also continue > to > > choose option 1. > > > > Do you think it is necessary to directly support HTTPS in the Dashboard > > Manager API? > > > > Thanks! > > > -- > 来自 琚致远 >
