cowboygneox / gandalf
Gandalf Authentication Proxy - Take care of auth early so we don't have to worry elsewhere
After a logout, the token will be invalid. If a user reuses the invalid token, they will receive a 401.
The websocket to Gandalf will be open to the world, but authentication will be required within 2 seconds or the socket will close. To authenticate the socket, the first message sent to the socket will be:
Authentication: Bearer {access_token}
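The first-message handshake described above, as an added example that is not part of the gandalf project's code: a server-side authenticator that enforces the deadline, parses the bearer message, and hands the token to a validator, closing out with a reason the caller can log. The asyncio.StreamReader standing in for the websocket, the line-delimited framing, the validator callback, the shortened demo deadline and the sample token store are assumptions; the header name and scheme are matched case-insensitively, which the page does not state for the socket message.

```python
import asyncio
import re
from typing import Callable, Optional

AUTH_DEADLINE_SECONDS = 2.0  # from the issue text: authenticate within 2 seconds
# First-message format from the page; name and scheme matched case-insensitively (assumption).
_FIRST_MESSAGE = re.compile(r"^Authentication:\s*Bearer\s+(\S+)\s*$", re.IGNORECASE)

def parse_first_message(message: str) -> Optional[str]:
    """Return the token from 'Authentication: Bearer {access_token}', else None."""
    m = _FIRST_MESSAGE.match(message.strip())
    return m.group(1) if m else None

async def authenticate_socket(reader: asyncio.StreamReader,
                              is_valid_token: Callable[[str], bool],
                              deadline: float = AUTH_DEADLINE_SECONDS) -> tuple[bool, str]:
    """Read one line-delimited message (stand-in for a websocket frame) and accept only if it
    arrives within `deadline` seconds and its token passes the validator; caller closes on False."""
    try:
        raw = await asyncio.wait_for(reader.readline(), timeout=deadline)
    except asyncio.TimeoutError:
        return False, "timeout"
    if not raw:
        return False, "closed"  # peer hung up before authenticating
    token = parse_first_message(raw.decode("utf-8", errors="replace"))
    if token is None:
        return False, "malformed"  # anything but the auth message is rejected
    if not is_valid_token(token):
        return False, "invalid_token"  # e.g. a token invalidated by logout
    return True, "ok"

VALID_TOKENS = {"tok-constructed-123"}  # constructed sample token store

async def _scenario(first_message: Optional[str], delay: float, deadline: float):
    reader = asyncio.StreamReader()
    async def client() -> None:  # sends the first message after `delay`, or just disconnects
        await asyncio.sleep(delay)
        if first_message is not None:
            reader.feed_data(first_message.encode() + b"\n")
        reader.feed_eof()

    task = asyncio.ensure_future(client())
    result = await authenticate_socket(reader, lambda t: t in VALID_TOKENS, deadline)
    await task
    return result

def run_demo(first_message: Optional[str], delay: float = 0.0, deadline: float = 0.2):
    """Constructed scenario; the deadline is shortened so the demo runs quickly."""
    return asyncio.run(_scenario(first_message, delay, deadline))
```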
Lock out an IP after a certain number of attempts over a certain period.
Consistent with Kubernetes documentation:
/auth/live will return 200 "OK" if the service is responding to any traffic.
/auth/ready will return 200 "OK" if all service dependencies (postgres, redis) are appropriately connected.
Obviously the documentation is lacking. Let's get that in.
I need to quantify which headers to filter out and document them here.
There should be configuration for enforcing username and password requirements. Maybe a regex or something?
When hitting the /search endpoint, results only come back in a case-sensitive manner.
Regardless of whether the login succeeds or fails, the timing should be near identical to avoid exposing knowledge of users in the system.
Tokens that live forever will just flood our cache, and it makes it easier to brute force. We should make a configurable duration that will clean up tokens.
The test coverage is decent, but most of the code exists in a single file due to the injection of the configuration. The codebase could use a pass of cleanup to make the code much more manageable.
Currently, if you provide an Authorization header with lower case bearer, it will reject the token. Forcing capitalization is unnecessary.
Support for products like Prometheus would be excellent.
Apparently, passing in a Content-Type of application/x-www-form-urlencoded makes the app fail. This is not by design.
Return a payload and status code that emphasizes a timeout.