Page MenuHomePhabricator
Create Task
Maniphest T379007

Discuss best authn/z methods for initial phase of application development
Open, In Progress, MediumPublic
Actions

Related Objects
Search...

Event Timeline

sbassett created this task.Nov 4 2024, 5:22 PM
mmartorana added a comment.Wed, Nov 6, 4:41 PM

Hey - for the initial authn/z setup, I recommend using Django's built-in system. It's a solid, easy, and secure starting point.

In the future, we can explore integrating login with the wikimedia developer account. There are a few interesting Python packages available for this, and we could potentially use OAuth2.

However, for now, I suggest sticking with the built-in system.

sbassett moved this task from Incoming to Back Orders on the Security-Team board.Wed, Nov 6, 5:53 PM
sbassett added a project: SecTeam-Processed.
sbassett added a comment.Fri, Nov 8, 9:15 PM

Yes, this should probably be fine. The default django admin/auth does support token-based auth for django rest framework, so that should be all we need for now.

sbassett assigned this task to mmartorana.Tue, Nov 19, 6:17 PM
sbassett changed the task status from Open to In Progress.Fri, Nov 22, 9:35 PM
sbassett triaged this task as Medium priority.
sbassett moved this task from Back Orders to In Progress on the Security-Team board.
sbassett moved this task from Backlog to In Progress on the Universal Security Dashboard board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits