Manage api from Cachet Settings page (#235)#236
Manage api from Cachet Settings page (#235)#236icecoldPHP wants to merge 10 commits intocachethq:mainfrom
Conversation
Add settings to force authentication for API
jbrooksuk
left a comment
jbrooksuk
left a comment
There was a problem hiding this comment.
Overall this looks pretty good to me. We need some tests to validate that the API can be enabled and disabled + that GET requests can be protected.
ApiEnabled & ApiPublicOrProtected which solves the early access to DB Added GetOrDefault to AppSettings for ease of use and removal of duplicate code.
jbrooksuk
left a comment
jbrooksuk
left a comment
There was a problem hiding this comment.
Couple of things we need to fix here.
| { | ||
| $protected = AppSettings::getOrDefault('api_protected', false); | ||
| if ($protected) { | ||
| return parent::handle($request, $next, ...$guards); |
There was a problem hiding this comment.
This is trying to redirect to a login route which doesn't exist in Cachet.
There was a problem hiding this comment.
@jbrooksuk This is something that is managed by Sanctum.
We could override this because this is currently a global issue.
So do you want me to override the sanctum routes within the Core?
or do you want me to fix this in the Cachet repo?
Or both
Because on my instance i changed this on the cachet repo by hand (sanctum config).
So it redirect to the correct login page
Fix add static types to method
icecoldPHP
changed the title
3 participants
Add settings to enable and disable API
Add settings to force authentication for API
Closes: #235