Skip to content

Commit

Permalink
Implement token and basic authentication
Browse files Browse the repository at this point in the history
NOTE: this Service is not resilient against brute-force attacks in such
it does not implement rate limiting on authentication nor authorization
requests.

* Uses Linux users to authorize requests.
* no authorization roles or scopes are implemented yet.
* token based authentication is implemented with the Redfish session
  login authentication in mind. That is, when we would implement Redfish
  it should be easy to append the current implementation
* token timeout gets reset on every use of the token.
* basic authentication: The authentication service expects a
  'Authorization' header containing the following format: 'Basic <base64
  encoded as <username:password>>'
  • Loading branch information
svenrademakers committed Sep 27, 2023
1 parent 23fab75 commit e699d6d
Show file tree
Hide file tree
Showing 9 changed files with 823 additions and 48 deletions.
186 changes: 158 additions & 28 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 3 additions & 1 deletion bmcd/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@ serde_yaml = "0.9.25"
tpi_rs = { path = "../tpi_rs" }
clap = { version = "4.4.2", features = ["cargo"] }
openssl = "0.10.57"
rand = "0.8.5"
pwhash = "1.0.0"
base64 = "0.21.4"

anyhow.workspace = true
log.workspace = true
Expand All @@ -23,4 +26,3 @@ tokio.workspace = true
tokio-util.workspace = true
futures.workspace = true
serde.workspace = true
rand = "0.8.5"
Loading

0 comments on commit e699d6d

Please sign in to comment.