ItamarWMDE created this task. ItamarWMDE added projects: Wikidata, Mismatch Finder (Mismatch Finder - sprint 1).
TASK DESCRIPTION Depends on T285327: Authorize API Consumers against Wikidata <https://phabricator.wikimedia.org/T285327> Ensure that we are able to authenticate Requests to our API using Authentication credentials that are sent with requests. There is still some research required on how to achieve this. See the following resources for some Ideas: - Authenticate with session cookies: https://laravel.com/docs/8.x/sanctum - Authenticate with JWT: - https://laravel.com/docs/8.x/sanctum#api-token-authentication - https://github.com/firebase/php-jwt **Hints**: - Potential authentication Flow: User Requests resource with authentication credentials (Token/Cookie/Other) → Decode / verify credentials → Send request to Wikidata to identify user (Using MW access tokens) → Check identity (username string) against allow list - HOT TIP: The allow-list would most probably be specified in the `.env` file on toolforge. TASK DETAIL https://phabricator.wikimedia.org/T285330 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: ItamarWMDE Cc: Lydia_Pintscher, Aklapper, ItamarWMDE, karapayneWMDE, Invadibot, maantietaja, Akuckartz, Nandana, Lahi, Gq86, GoranSMilovanovic, QZanden, Esc3300, LawExplorer, _jensen, rosalieper, Scott_WUaS, Wikidata-bugs, aude, Mbch331
_______________________________________________ Wikidata-bugs mailing list -- wikidata-bugs@lists.wikimedia.org To unsubscribe send an email to wikidata-bugs-le...@lists.wikimedia.org
