Merge lp:~jimmy-sigint/mailman/restapi_auth into lp:mailman
Status: | Merged |
---|---|
Approved by: | Barry Warsaw |
Approved revision: | 6956 |
Merged at revision: | 6957 |
Proposed branch: | lp:~jimmy-sigint/mailman/restapi_auth |
Merge into: | lp:mailman |
Diff against target: |
178 lines (+52/-10) 5 files modified
src/mailman/config/schema.cfg (+5/-0) src/mailman/rest/docs/basic.txt (+22/-3) src/mailman/rest/root.py (+14/-2) src/mailman/testing/layers.py (+6/-2) src/mailman/tests/test_documentation.py (+5/-3) |
To merge this branch: | bzr merge lp:~jimmy-sigint/mailman/restapi_auth |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Barry Warsaw | Approve | ||
Review via email: mp+36833@code.launchpad.net |
Description of the change
In my opinion the REST API needs to be authenticated for the following reasons:
1. Even though it is by default exposed only on localhost, this means that all local users can administer mailing-lists instead of only some specific user like root.
2. It makes sense to use the REST API for integrating with external systems. These external systems will often be on other servers, causing the need for exposing the REST API on different interfaces than the loopback interface. For this authentication is a requirement.
The change in my branch solves this by adding a single shared username/password in the webservice section of the config using the parameters admin_user and admin_pass. The API is then changed to require HTTP basic auth using these credentials.
Thanks for the branch Jimmy. I think you make some good points about enabling some form of authentication in the REST server. I've looked at:
http:// ish.io/ embedded/ restish/ guard.html
which provides examples of hooking up repoze.who. Did you think about that and if so, why did you choose not to use it (adding a dependency and the extra code complexity is a valid answer :).
Have you thought about using something like OAuth? Are you concerned at all about cleartext passwords?
Finally, while your patch looks basically decent (I'd quibble with some whitespace, but that's unimportant), please consider adding a test and/or some documentation (the latter perhaps as a doctest). And are you willing and able to assign your copyright to the FSF?