[Kimchi-devel] adding '/auth' for authentication
Lucio Correia
luciojhc at linux.vnet.ibm.com
Wed Aug 5 17:56:02 UTC 2015
Hi Harshal,
On 08/02/2015 01:45 PM, Harshal Patil wrote:
> Hi,
> In the 'wok' branch there isn't anything to detect if the session has
> timed out on the browser side. On the other hand, on master (kimchi)
> there is '/vms' endpoint called every 5 seconds which kinda takes care
> of making sure the user is indeed logged in.
> So I was wondering, if no one is already working on it, to introduce a
> '/auth' endpoint which we can poll every 5 seconds using ajax and based
> on the response status code we can either redirect to login page or just
> stay on the same page. This is useful in 'wok' because there isn't any
> '/vms' endpoint which existed in master (kimchi) by default.
> I can submit a patch for review if this sounds good so far. Also, if
> there is a better way of doing it, I would love to hear about it.
> Harshal
>
>
The 10-minutes time out is still working with wok branch. But it is only
verified if you leave it in "Host" or "Guests" tab. Other tabs' APIs
don't send "wok-robot" in headers.
Your proposal is good, you will need to send "wok-robot" in '/auth'
headers, and remove the "wok-robot" from kimchi plugin's Host and Guests
API headers.
--
Lucio Correia
Software Engineer
IBM LTC Brazil
More information about the Kimchi-devel
mailing list