pablodavidortega opened a new issue, #1468: URL: https://github.com/apache/couchdb-fauxton/issues/1468
<!--- Provide a general summary of the issue in the Title above --> ## Expected Behavior <!--- If you're describing a bug, tell us what should happen --> <!--- If you're suggesting a change/improvement, tell us how it should work --> CouchDB should allow for authentication via a JWT generated from an outside service. This would allow admins (and non-admins) to log into the UI using temporary tokens rather than static credentials. A general pattern for multiple authentication methods should also be established, keeping with Fauxton's general user experience guidelines. This is related but distinct to #1457, which mentions implementing a full Identity Provider Flow. These two methods can work together and are largely similar to each other under the hood. When logging in, a user should be able to supply a token instead of a BasicAuth pair. When logged in, they should have access in the same way that a user with the same roles would. When a token expires, the token should be deleted from the browser data, and the user will be automatically redirected to the login page. This is behavior similar to a session timeout today. ## Current Behavior <!--- If describing a bug, tell us what happens instead of the expected behavior --> <!--- If suggesting a change/improvement, explain the difference from current behavior --> Only BasicAuth is supported in the UI. ## Possible Solution <!--- Not obligatory, but suggest a fix/reason for the bug, --> <!--- or ideas how to implement the addition or change --> Implementing a JWT login form as an option in a drop down in `#login` page. PR will be supplied. ## Steps to Reproduce (for bugs) <!--- Provide a link to a live example, or an unambiguous set of steps to --> <!--- reproduce this bug. Include code to reproduce, if relevant --> 1. Attempt to log in with a token ## Context <!--- How has this issue affected you? What are you trying to accomplish? --> <!--- Providing context helps us come up with a solution that is most useful in the real world --> Users often want to validate their data in the UI. This can lead to sharing credentials to access the UI. These credentials may or may not be stored or handled properly. In scenarios where an environment is properly managed and secure, the credentials are not available to anybody and validating data becomes more difficult. Allowing JWT in the UI would allow a user to get a short lived token from a token provider, log into FauxtonUI, and take a look at their data. ## Your Environment <!--- Include as many relevant details about the environment you experienced the bug in --> * Version used: 3.4.1 * Browser Name and version: Chrome * Operating System and version (desktop or mobile): MacOS * Link to your project: https://github.com/pablodavidortega/couchdb-fauxton -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
