Comments (2)
frrist
commented on September 21, 2024
Additionally we will need a way to modify the port the WebUI uses to access bacalhau. Since when bacalhau is run with TLS enabled the RPC is served on port 443 rather than the insecure default of 1234
from bacalhau.
simonwo
commented on September 21, 2024
Notes on what needs to be done are here: https://docs.bacalhau.org/dev/auth_flow#authnz-in-the-web-ui
The Web UI currently does not have any authn/z capability, and so can only work with the default Bacalhau configuration which does not limit unauthenticated users from querying read-only API endpoints.
To upgrade the Web UI to work in authenticated cases, it will be necessary to implement the algorithms noted above. In short:
- The Web UI will need to query the auth API endpoint for available authn methods.
- It should then pick an appropriate authn method, either by asking the user, choosing based on known available data (e.g. existing presence of a private key), or by picking the only available option.
- It should then run the authn flow for that type:
- For challenge types, it will need a private key. It should probably generate and store one persistently rather than asking the user to upload theirs.
- For ask types, it will need to parse the input JSON Schema and present a web form to collect the necessary authn credentials.
- Once it has successfully authenticated, it should persistently store the access token and add it to all subsequent API requests.
from bacalhau.
Related Issues (20)
- Running a compute node on the same machine as a serving bacalhau node gives faulty error HOT 2
- After failing and rejoining, a node is given a new ID, and the old node is not deleted HOT 3
- After killing a compute node, it restarts and gets a new ID, and the old one is not reaped. HOT 2
- The UI for failed jobs needs a lot of work
- CPU limits warning doesn't present well
- Separate logs for jobs?
- Prints out a lot amount of logs during a long running job
- Better errors, but can do with a lot of layout
- Too many logs during start
- Using 0.0.0.0 as the default (rather than the public network)
- Bacalhau Key already there? Why isn't it reading the existing PEM?
- allow = with config set
- NATS related error when starting - unclear why?
- Be able to identify where a config setting is coming from
- Improve the error message for no server running
- Pipe to command not working HOT 1
- job progress doesn't render correctly when window is small
- Additional help hint are printed
- Node terminated with panic HOT 2
- The `--repo` and `--data-dir` flag don't expand paths
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bacalhau.