Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add authorization #1187

Closed
4 tasks
Tracked by #944
renaynay opened this issue Sep 30, 2022 · 0 comments · Fixed by #1426 or #1429
Closed
4 tasks
Tracked by #944

add authorization #1187

renaynay opened this issue Sep 30, 2022 · 0 comments · Fixed by #1426 or #1429
Labels
area:api Related to celestia-node API area:rpc

Comments

@renaynay
Copy link
Member

renaynay commented Sep 30, 2022
edited
Loading

  • scaffolding for perms
  • jwt token gen (in node module)
  • add header and token in client wrapper
  • add auth methods on node module
@renaynay renaynay mentioned this issue Sep 30, 2022
Closed
30 tasks
@renaynay renaynay added area:rpc area:api Related to celestia-node API labels Nov 21, 2022
This was referenced Nov 28, 2022
Merged
Merged
Merged
renaynay added a commit that referenced this issue Dec 20, 2022
@renaynay
feat(api/rpc): Implement auth middleware on Server (#1402)
8b71eaf 
Related to #1187 

**This PR is based on #1313** 

**It implements:** 
* providing a new JWT secret from the `nodebuilder/node` module to both
the node module and the rpc server.
* auth middleware for the `rpc.Server` that verifies the given token
with the server's secret

In a follow-up PR will come the ability to create an rpc client with
elevated permissions (this branch restricts client access to read-only
API methods).
renaynay added a commit that referenced this issue Dec 22, 2022
@renaynay
feat(api/client): Implement RPC client authentication (#1426)
0d8cb93 
Resolves #1187

* Adds `NewClientWithPerms` which takes a token and adds it to the
request header for rpc calls
* Adds tests for authenticated methods
renaynay added a commit that referenced this issue Dec 23, 2022
@renaynay
feat(cmd/celestia): Add auth subcommand to bridge, full and light (#…
bcaa431 
…1429)

Resolves #1187

This PR adds an `auth` subcommand to `bridge`, `full` and `light` nodes.

Intended use: after a node is already initialized and started, a user
can use the CLI to generate a signed token with some given perms via the
`auth` cmd.

Example:

```
celestia bridge auth admin 
```

The above command outputs a signed JWT token with admin permissions that
a user can use with `client.NewClient()` to access admin-level methods
on the node.

Reference [this
commit](2c833bc)
for the actual diff.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area:api Related to celestia-node API area:rpc
Projects
None yet
Milestone
No milestone
1 participant
@renaynay