Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all edx-platform REST endpoints to support JWT Auth #33662

Closed
39 tasks
feanil opened this issue Nov 6, 2023 · 1 comment
Closed
39 tasks

Update all edx-platform REST endpoints to support JWT Auth #33662

feanil opened this issue Nov 6, 2023 · 1 comment
Assignees
@salman2013

Comments

@feanil
Copy link
Contributor

feanil commented Nov 6, 2023
edited
Loading

The default DRF Auth classes were recently updated to allow for both JWT and Session auth by default. Any endpoint that overrides the AUTHENTICATION_CLASSES but has just session, just JWT or just both of those should be updated to remove the override.

Related Issue: #33302

Tasks

  • Update all API views that explicitly accept only SessionAuth to use the DEFAULT_AUTHENTICATION_CLASSES instead.

Relevant Views/URLs

  • /api/bookmarks/v1/bookmarks/ : get
  • /api/bookmarks/v1/bookmarks/ : post
  • /api/bookmarks/v1/bookmarks/{username},{usage_id}/ : get
  • /api/bookmarks/v1/bookmarks/{username},{usage_id}/ : delete
  • /api/commerce/v0/baskets/{basket_id}/order/ : get
  • /api/send_account_activation_email : post
  • /api/team/v0/bulk_team_membership/{course_id} : get
  • /api/team/v0/bulk_team_membership/{course_id} : post
  • /api/team/v0/team_membership/ : get
  • /api/team/v0/team_membership/ : post
  • /api/team/v0/team_membership/{team_id},{username} : get
  • /api/team/v0/team_membership/{team_id},{username} : delete
  • /api/team/v0/teams/ : get
  • /api/team/v0/teams/ : post
  • /api/team/v0/teams/{team_id} : get
  • /api/team/v0/teams/{team_id} : patch
  • /api/team/v0/teams/{team_id} : delete
  • /api/team/v0/teams/{team_id}/assignments : get
  • /api/team/v0/topics/ : get
  • /api/team/v0/topics/{topic_id},{course_id} : get
  • /api/user/v1/forum_roles/{name}/users/ : get
  • /api/user/v1/preferences/{pref_key}/users/ : get
  • /api/user/v1/preferences/{username}/{preference_key} : get
  • /api/user/v1/preferences/{username}/{preference_key} : put
  • /api/user/v1/preferences/{username}/{preference_key} : delete
  • /api/user/v1/preferences/email_opt_in/ : post
  • /api/user/v1/user_prefs/ : get
  • /api/user/v1/user_prefs/{id}/ : get
  • /api/user/v1/users/ : get
  • /api/user/v1/users/{id}/ : get
  • /courses/{course_id}/teams/ : get
  • /user_api/v1/forum_roles/{name}/users/ : get
  • /user_api/v1/preferences/{pref_key}/users/ : get
  • /user_api/v1/preferences/email_opt_in/ : post
  • /user_api/v1/user_prefs/ : get
  • /user_api/v1/user_prefs/{id}/ : get
  • /user_api/v1/users/ : get
  • /user_api/v1/users/{id}/ : get

Acceptance Criteria

  • There are no API Views in edx-platform that explicitly only allow SessionAuth, only JWT Auth, or only those two together.
  • It's fine to break this up into multiple PRs to ease review and land smaller changes.
feanil pushed a commit that referenced this issue Feb 13, 2024
@salman2013
Update all edx-platform REST endpoints to support JWT Auth (#34152)
57b480b 
* chore: update API endpoints to support default JWT auth

The default DRF Auth classes were recently updated to allow for both JWT and Session auth by default. Any endpoint that overrides the AUTHENTICATION_CLASSES but has just session, just JWT or just both of those should be updated to remove the override.

Details in #33662
@feanil
Copy link
Contributor Author

feanil commented Feb 13, 2024

Updated in #34152

@feanil feanil closed this as completed Feb 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@salman2013 salman2013

Labels
None yet
Projects
Aximprovements Team
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@feanil @salman2013