^_^ Got it, looks good to me then.
Bisakh Mondal <[email protected]>于2021年4月10日 周六下午10:43写道: > Hi, Zhiyuan, > > If everything goes well, we will have our User Management including sign > in and register through OAuth by the end of the GSoC period. I have an > active proposal on that idea. Feel free to check it out :) > > Regarding the options that JunXu has provided, I think option 2 has more > flexibility. We can let the user choose between HTTP or HTTPS(certfile and > keyfile) through command-line flags. Thanks. > > On Sat, 10 Apr 2021 at 19:06, Zhiyuan Ju <[email protected]> wrote: > > > Not sure if users will expose ManagerAPI directly. I think no, because > this > > OSS doesn’t have features on User Management, so why not put it back the > > Apache APISIX? And integrate with custom user management with OAuth, etc. > > > > Of course this feature is good to include, but not urgent IMO. > > > > > > > > JunXu Chen <[email protected]>于2021年4月10日 周六下午8:58写道: > > > > > Hi, Community, > > > > > > Now APISIX Dashboard does not support HTTPS access, which is not safe > and > > > easy to be hijacked and sniffed. > > > > > > We should support HTTPS access. We have two options to support HTTPS. > > > > > > Option 1 > > > Use APISIX to proxy Dashboard, and APISIX provides HTTPS support. > > > Generally, people will not directly expose Dashboard to the Internet, > and > > > it is natural to use APISIX to proxy. And in this option, Dashboard > does > > > not need to be changed. > > > > > > Option 2 > > > The Dashboard Manager API directly supports HTTPS. > > > The advantage of this is that it can also support HTTPS without using > > > APISIX or other servers to proxy Dashboard. And people can also > continue > > to > > > choose option 1. > > > > > > Do you think it is necessary to directly support HTTPS in the Dashboard > > > Manager API? > > > > > > Thanks! > > > > > -- > > 来自 琚致远 > > > -- 来自 琚致远
