github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/1850#issuecomment-1289707357 | https://api.github.com/repos/simonw/datasette/issues/1850 | 1289707357 | IC_kwDOBm6k_c5M319d | 9599 | 2022-10-24T22:23:12Z | 2022-10-24T22:23:12Z | OWNER | Here's the implementation of `datasette-auth-tokens`: https://github.com/simonw/datasette-auth-tokens/blob/main/datasette_auth_tokens/__init__.py | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1421529723 | |
https://github.com/simonw/datasette/issues/1850#issuecomment-1289706439 | https://api.github.com/repos/simonw/datasette/issues/1850 | 1289706439 | IC_kwDOBm6k_c5M31vH | 9599 | 2022-10-24T22:22:17Z | 2022-10-24T22:22:17Z | OWNER | API authentication will be via `Authorization: Bearer XXX` request headers. I'm inclined to add a default token mechanism to Datasette based on tokens that are signed with the `DATASETTE_SECRET`. Maybe the root user can access `/-/create-token` which provides a UI for generating a time-limited signed token? Could also have a `datasette create-token` command for creating such tokens at the command-line. Plugins can then define alternative ways of creating tokens, such as the existing https://datasette.io/plugins/datasette-auth-tokens plugin. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1421529723 | |
https://github.com/simonw/datasette/issues/1850#issuecomment-1289703432 | https://api.github.com/repos/simonw/datasette/issues/1850 | 1289703432 | IC_kwDOBm6k_c5M31AI | 9599 | 2022-10-24T22:19:48Z | 2022-10-24T22:19:48Z | OWNER | It may turn out that it makes sense to also add a UI for these actions as part of this project. That's still to be determined. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1421529723 | |
https://github.com/simonw/datasette/issues/1850#issuecomment-1289702146 | https://api.github.com/repos/simonw/datasette/issues/1850 | 1289702146 | IC_kwDOBm6k_c5M30sC | 9599 | 2022-10-24T22:19:04Z | 2022-10-24T22:19:04Z | OWNER | This is going to need a whole bunch of new permissions. To review: the existing set of permissions are listed here: https://docs.datasette.io/en/0.62/authentication.html#built-in-permissions - `view-instance` - `view-database` - `view-database-download` - `view-table` - `view-query` - `execute-sql` - `permissions-debug` - `debug-menu` I'm going to reuse database terminology for the new permissions. So first draft of those is: - `insert-row` - `update-row` - `delete-row` - `create-table` - `drop-table` - `alter-table` | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1421529723 | |
https://github.com/simonw/datasette/issues/1850#issuecomment-1289696171 | https://api.github.com/repos/simonw/datasette/issues/1850 | 1289696171 | IC_kwDOBm6k_c5M3zOr | 9599 | 2022-10-24T22:15:57Z | 2022-10-24T22:15:57Z | OWNER | I'm going to treat this as a bit of a research spike, at least until I like the direction it is going enough to commit to it. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1421529723 |