Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Question: Other ways of setting created_by or updated_by #297

Closed
fenriskiba opened this issue Oct 16, 2019 · 3 comments
Closed

Question: Other ways of setting created_by or updated_by #297

fenriskiba opened this issue Oct 16, 2019 · 3 comments

Comments

@fenriskiba
Copy link
Contributor

Is there a way to set the created_by or updated_by other than a claim on an authorization JWT?

We are considering using a separate security layer proxy to control access to Flagr so that we can have multiple access types with access to different API endpoints. For that implementation, we were hoping to maintain the created_by and updated_by without needing Flagr to redundantly verify a JWT after our security layer has already authenticated/authorized a user.

I looked around a bit, but I couldn't find any way to do this in the API's. Did I miss something, or is there no way to do that right now in Flagr?

@zhouzhuojie
Copy link
Collaborator

Hey, I think we can also have a configurable option to get created_by or updated_by from headers, for example, change the code below to accept a header value passed by your authentication gateway.

https://github.com/checkr/flagr/blob/master/pkg/handler/jwt.go#L12-L26

PRs are welcome!

@fenriskiba
Copy link
Contributor Author

Awesome! I've got to prioritize some other work first, so I'm not sure when I can get around to making this change, but that sounds like a great solution.
Thanks for the input and pointing me to the right function to make the update. 😄

@pacoguzman
Copy link
Contributor

Possible solution to this -> #300

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants