Use POST /login to authenticate users #53

Closed
opened 2022-09-13 08:01:43 +00:00 by AmineB · 7 comments
Owner

Thanks, I will try to test it when I find time. Also, it would be nice to use POST method for login as pointed out in https://github.com/fossar/selfoss/issues/1356. It is supported since 2.18.

Originally posted by @jtojnar in https://gitea.amine-louveau.fr/Louvorg/ReaderForSelfoss-multiplatform/issues/52#issuecomment-452

Thanks, I will try to test it when I find time. Also, it would be nice to use POST method for login as pointed out in https://github.com/fossar/selfoss/issues/1356. It is [supported since 2.18](https://github.com/fossar/selfoss/commit/bfda0740fa7f3e9ae04bd26b54ef815ab46e896b). _Originally posted by @jtojnar in https://gitea.amine-louveau.fr/Louvorg/ReaderForSelfoss-multiplatform/issues/52#issuecomment-452_
AmineB added the
Type = Enhancement
label 2022-09-13 08:02:03 +00:00
AmineB added this to the A little better milestone 2022-09-13 08:02:07 +00:00
AmineB added this to the Dev project 2022-09-13 08:02:12 +00:00
AmineB self-assigned this 2022-09-13 08:02:16 +00:00
Contributor

Perfect; if we're also going to use cookies rather than sending the login parameters with each request then we should implement a way to check that the cookie did not expire and in case request a new one automatically.

Perfect; if we're also going to use cookies rather than sending the login parameters with each request then we should implement a way to check that the cookie did not expire and in case request a new one automatically.
AmineB removed this from the Dev project 2022-09-13 14:41:41 +00:00
AmineB added this to the Dev project 2022-11-02 19:07:29 +00:00
Author
Owner

Because the /api/about insn't available in the 2.18 version, there is no way to reliably check wich version to use.

I'll wait on the matomo api version results.

Because the `/api/about` insn't available in the 2.18 version, there is no way to reliably check wich version to use. I'll wait on the matomo api version results.
AmineB removed this from the A little better milestone 2022-11-17 19:50:50 +00:00
AmineB added the
Priority = Some day
label 2022-11-17 19:50:55 +00:00
AmineB removed this from the Dev project 2022-11-17 19:50:58 +00:00
Contributor

Isn't POST/login supported in 2.18 as well?

Isn't POST/login supported in 2.18 as well?
Author
Owner

As said in my previous comment, /api/about insn't available in the 2.18 version, so I can't check if I can use the new login in 2.18

As said in my previous comment, `/api/about` insn't available in the 2.18 version, so I can't check if I can use the new login in 2.18
Contributor

You mean to say that it's impossible to determine wether the selfoss instance is running a version prior to 2.18? That could in fact be a problem. Is there any way to determine if someone is still using such old versions of Selfoss?

You mean to say that it's impossible to determine wether the selfoss instance is running a version prior to 2.18? That could in fact be a problem. Is there any way to determine if someone is still using such old versions of Selfoss?
Author
Owner

Not really. In the 2.18 release, the /api/about method isn't available. It's introduced in a commit between 2.18 and 2.19.

Using the version as a condition would make us "miss" some users that are in 2.18, and could use the POST login.

Not really. In the 2.18 release, the `/api/about` method isn't available. It's introduced in a commit between 2.18 and 2.19. Using the version as a condition would make us "miss" some users that are in 2.18, and could use the POST login.
Contributor

That is true, but is there another way to test if POST is supported?
Maybe in Selfoss 2.17 you receive a particular reply which you could use to pinpoint the version as older than 2.18.

Otherwise, if that's not possible, I believe it's better to use GET for 2.18 and POST for 2.19 rather than GET for both.

That is true, but is there another way to test if POST is supported? Maybe in Selfoss 2.17 you receive a particular reply which you could use to pinpoint the version as older than 2.18. Otherwise, if that's not possible, I believe it's better to use GET for 2.18 and POST for 2.19 rather than GET for both.
AmineB added this to the Dev project 2022-11-29 20:43:08 +00:00
Sign in to join this conversation.
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Louvorg/ReaderForSelfoss-multiplatform#53
No description provided.