[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692515133


   YOUR_OWN_API_TOKEN
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang wrote on Tue, Sep 15, 2020 at 3:09 PM:
   
   > *@membphis* commented on this pull request.
   > --
   >
   > In FAQ.md:
   >
   > > @@ -80,7 +80,7 @@ An example, `foo.com/product/index.html?id=204&page=2` 
, gray release based on `i
   >
   >  here is the way:
   >  ```shell
   > -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
   > +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
**' -X PUT -d '
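
   Review bot: on the `+curl` line, `X-API-KEY: **` does not identify itself as a placeholder, so a reader who pastes the command as written sends `**` as the key and gets no pointer to where a real one comes from. Use a self-describing placeholder, or add a sentence above the code block that points to `./bin/apisix gen_admin_key` or the `admin_key` entry in `conf/config.yaml`. Because the removed line published `edd1c9f034335f136f87ad84b625c8f1`, the FAQ should also tell existing deployments that still use that value to replace it.
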
   >
   > what is your advice?
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org




[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692515707


   I insist on this: if automatic token generation is not possible, I would
   rather not remove the default token.
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang wrote on Tue, Sep 15, 2020 at 3:07 PM:
   
   > Users will encounter errors when running apisix start, and this
   > experience is bad.
   >
   > I think it is enough for now. We have told the user how to generate the
   > Admin API key.
   >
   > ./bin/apisix init
   > ERROR: missing valid apisix.admin_key
   >
   > You can call `./bin/apisix gen_admin_key` to generate a new Admin API key or
   > manually update the `conf/config.yaml` file.
   >
   > If you prefer to automatically generate tokens, we can fix it with another
   > new PR maybe.
   >
   > We need to discuss on the mailing list whether to automatically generate
   > tokens for users when APISIX starts.
   >
   > The main purpose of this PR is to remove all default tokens. The current
   > PR is already big. I hope this PR will merge as soon as possible instead of
   > being blocked here.
   >
   







[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692518089


   Why is `**` invalid? Is this hard-coded in the code?
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang wrote on Tue, Sep 15, 2020 at 3:15 PM:
   
   > YOUR_OWN_API_TOKEN
   >
   > That is a bad name, because YOUR_OWN_API_TOKEN is a valid Admin
   > API key.
   >
   > `**` is an invalid Admin API key.
   >
   > valid config.yaml
   >
   > apisix:
   >   admin_key:
   >     -
   >       name: "admin"
   >       key: YOUR_OWN_API_TOKEN # set your Admin API Key
   >       role: admin
   >
   > invalid config.yaml
   >
   > apisix:
   >   admin_key:
   >     -
   >       name: "admin"
   >       key: ** # set your Admin API Key
   >       role: admin
   >
   







[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692560517


   No, `YOUR_OWN_API_TOKEN` is just a hint in the doc, not the API token itself.
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang wrote on Tue, Sep 15, 2020 at 4:29 PM:
   
   > *@membphis* commented on this pull request.
   > --
   >
   > In bin/apisix:
   >
   > > +]]
   > +if type(default_conf.apisix.admin_key) ~= "table" or
   > +   #default_conf.apisix.admin_key == 0
   > +then
   > +io.stderr:write(help, "\n")
   > +os.exit(1)
   > +end
   > +
   > +for _, admin in ipairs(default_conf.apisix.admin_key) do
   > +if type(admin.key) == "table" then
   > +admin.key = ""
   > +else
   > +admin.key = tostring(admin.key)
   > +end
   > +
   > +if admin.key == "" or admin.key:gsub("*", "") == "" then
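
   Review bot: in the last line, `admin.key:gsub("*", "")` passes `*` unescaped as a Lua pattern, where `*` is normally a repetition operator; it matches a literal asterisk here only because it is the first character of the pattern. Write `"%*"` so the intent is explicit. In the loop above it, an absent `admin.key` reaches `tostring(admin.key)` and becomes the string `"nil"`, which passes this check, so test for `nil` together with the `table` case. A comment stating that a key made only of `*` is the placeholder would also make the convention visible to the next reader.
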
   >
   > In APISIX, the Admin API Key containing only * is invalid.
   > It is shadowy, but it works.
   >
   > If we use YOUR_OWN_API_TOKEN as Key, then we have to disable it here too.
   >
   







[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-16 Thread GitBox


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-693237220


   I don't think so, `YOUR_OWN_API_TOKEN` is good as a hint, not the real token.
   We can keep the current token.







[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-16 Thread GitBox


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-693734871


   In this PR, we only need to modify one file, and only need to make one
   change, which is to print a warning when the Admin IP is not 127.0.0.1 and
   the default token is being used.
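
The check proposed in this comment, combined with the placeholder test from the quoted `bin/apisix` hunk, as an added example that is not part of the thread or of the APISIX code base. It assumes `apisix.allow_admin` is the list the comment calls the Admin IP and treats an absent or empty list as unrestricted; `loopback_only` and `check_admin_config` are hypothetical names.

```lua
-- Added example; not code from bin/apisix.
-- DEFAULT_KEY is the token on the removed FAQ.md line quoted in this thread.
local DEFAULT_KEY = "edd1c9f034335f136f87ad84b625c8f1"

-- True when an address or CIDR covers loopback addresses only.
local function loopback_only(cidr)
    local ip, bits = cidr:match("^([^/]+)/?(%d*)$")
    if not ip then return false end
    if ip == "::1" then return bits == "" or bits == "128" end
    if ip:match("^(%d+)%.%d+%.%d+%.%d+$") ~= "127" then return false end
    return bits == "" or tonumber(bits) >= 8
end

-- conf is the parsed config.yaml. Assumptions: allow_admin is the "Admin IP"
-- list, and an absent or empty list means the Admin API is unrestricted.
local function check_admin_config(conf)
    local apisix = conf.apisix or {}
    local keys = apisix.admin_key
    if type(keys) ~= "table" or #keys == 0 then
        return { "ERROR: missing valid apisix.admin_key" }
    end
    local allow = apisix.allow_admin or {}
    local exposed = #allow == 0
    for _, cidr in ipairs(allow) do
        exposed = exposed or not loopback_only(tostring(cidr))
    end
    local findings = {}
    for _, admin in ipairs(keys) do
        local key, who = admin.key, tostring(admin.name)
        key = (key == nil or type(key) == "table") and "" or tostring(key)
        if key == "" or key:gsub("%*", "") == "" then
            findings[#findings + 1] = "ERROR: empty or placeholder key: " .. who
        elseif key == DEFAULT_KEY and exposed then
            findings[#findings + 1] = "WARNING: default key in use while the "
                .. "Admin API is reachable beyond loopback: " .. who
        end
    end
    return findings
end

-- Constructed sample configuration, not taken from a real deployment.
local sample = { apisix = {
    allow_admin = { "127.0.0.0/24", "10.0.0.0/8" },
    admin_key = {
        { name = "admin", key = DEFAULT_KEY, role = "admin" },
        { name = "viewer", key = "**", role = "viewer" },
    },
} }
for _, msg in ipairs(check_admin_config(sample)) do print(msg) end
```

With the default key and a loopback-only allow list the function returns no finding, which is the case the comment wants to keep working without an error.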


