I’m not sure I fully understand this last paragraph about setting a maximum amount of time per token. Regardless, I would not add the ability to request new JWT tokens using JWT authentication in the MVP unless it’s easy to implement. I think we want that eventually but what we have today supports most of what users want or need from JWT auth.
David On Tue, Nov 28, 2017 at 5:34 PM, Dennis Kliban <dkli...@redhat.com> wrote: > Our MVP doc currently states "As an API user, I can authenticate any API > call (except to request a JWT) with a JWT. (not certain if this should be > the behavior) [in progress]" > > The uncertainty was due to the "except to request a JWT" clause. > > I propose that Pulp 3 should support requesting a new JWT by using an > existing JWT. Automated systems that integrate with Pulp would benefit from > being able to renew tokens using an existing token. > > Enabling this feature with django-rest-framework-jwt requires also > selecting the maximum amount of time since original token was issued that > the token can be refreshed. The default is 7 days. Pulp users should be > able to supply this value. Thy should also be able to specify how long each > token is good for. > > > What do others think? > > _______________________________________________ > Pulp-dev mailing list > Pulp-dev@redhat.com > https://www.redhat.com/mailman/listinfo/pulp-dev > >
_______________________________________________ Pulp-dev mailing list Pulp-dev@redhat.com https://www.redhat.com/mailman/listinfo/pulp-dev