Authentication in 0.5?


#1

Okay, so I last asked this here: Authorization and authentication

Keen to see what progress has been made in this area?
What’s the recommended path for developing an api that requires authentication and authorization with API Star?


#2

No doubt you’ve familiarized yourself with the documentation, but in case you missed it, API Star is fairly agnostic when it comes to authorization and authentication.

Fortunately, the Dependency Injection section (https://docs.apistar.com/api-guide/dependency-injection/) has a nice example of how to implement authentication via a UserComponent that injects a User instance into a request, when needed, and an Event hook to ensure all requests are authenticated.

Authorization is left as an exercise for the user and specific project requirements. Personally, I’ve not had a need to implement such a thing, but if I did, I’d probably want to try out something involving an annotation on the route.


#3

Have you looked at porting over a library that you are familiar with from a different framework? I did that when I needed email. It was pretty easy to modify the code to work as Component. Plus Apistar wouldn’t hurt to have a few more extensions.