Comments (4)
@thehowl I will create a PR to address this issue and look forward to your guidance to complete this
from gno.
@linhpn99 No I'm not. That's an example of how basic auth can be implemented at the server level, using caddy (which requires the password to be stored as safe hashes); it's provided as a reference for testing.
This is not a server change, only a client change. It can be as simple as calling this with the values provided in the remote URL.
from gno.
Thanks!
from gno.
it seems you're recommending to use bcrypt to encrypt the password, where can we store the salt
for both server and client ?
HTTP basic authentication is a simple authentication mechanism, implemented directly in the protocol. Because it is integrated at a protocol level, web services can be protected by edge web servers like nginx and caddy, without requiring changes in the application itself.
For instance, I could have a simple caddy set up of a gno.land node, password-protecting its RPC, as follows:
rpc.gno.land { reverse_proxy gnoland:26657 basic_auth { # Username "bob", password "hiccup" bob $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG } }However, this is not supported client-side, for instance in gnokey. The URL-spec compliant syntax for providing basic authentication is prefixing the domain with
user:password@
, as follows:https://bob:[email protected]:443
It would be nice if our clients, like
gnokey
andgnoclient
, supported basic authentication and automatically added theAuthorization
header in HTTP requests when provided.
from gno.
Related Issues (20)
- Constant Declaration with Slice Type Compiles Without Error HOT 1
- [infra] Minimal Setup of Observability node running monitoring service
- `gno fmt` adds an extra line at the end of the file HOT 3
- Panic on Type Assertion with Interface HOT 2
- Incorrect Variable Assignment
- [infra] GnoFaucet - Create Healthcheck enpoint HOT 1
- Better Gno Error Handling HOT 1
- Removing the admin from the system contract entirely.
- error: primitive type int cannot be indexed
- [Native Banker] Implement `TotalCoin` HOT 2
- GnoDev - Conflicting Package Resolution Between Personal Repo and Examples Folder HOT 3
- Investigate effect of "0.0.0.0 Day" issue in browsers on running gno locally
- [Homepage] `/r/gnoland/featured` realm
- bug(gnovm): prohibit conversion of non-convertible typed constants
- Gno Playground - deploy on portal loop does not take my namespace input HOT 1
- [Debugger] Debug realms during transaction execution HOT 2
- GnoWeb not rendering correctly on Windows
- Add timezone support to the gno standard library's `time` package
- How to verify the timestamp of a node?
- Feature: GnoLinks BlockChain Interactions
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gno.