Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication Enhancements: Invoke-PodeAuth & -NoMiddlewareAuthentication #1468

Open
wants to merge 15 commits into
base: develop
Choose a base branch
from
Open

Authentication Enhancements: Invoke-PodeAuth & -NoMiddlewareAuthentication #1468

wants to merge 15 commits into from

Conversation

mdaneri
Copy link
Contributor

@mdaneri mdaneri commented Jan 22, 2025
edited
Loading

Summary

This pull request introduces improvements to Pode's authentication handling by adding a new Invoke-PodeAuth function and a -NoMiddlewareAuthentication parameter for Add-PodeRoute. These changes provide greater flexibility and control over authentication processing within routes.

Changes Introduced

1. Invoke-PodeAuth Function

  • A new function that directly invokes authentication methods and returns the result from Add-PodeAuth.
  • This function is adding to the existing Test-PodeAuth, which was not suitable for handling authentication logic in this context.
  • Provides a streamlined approach for manually handling authentication within routes.

2. -NoMiddlewareAuthentication Parameter for Add-PodeRoute

  • Allows routes to bypass automatic authentication middleware processing.
  • Enables manual authentication checks within route script blocks, giving developers more control over authentication flow.

Motivation

The existing approach using Test-PodeAuth did not provide sufficient flexibility for manual authentication handling within routes. These changes allow developers to handle authentication responses directly, improving customization and control over the authentication process.

Usage Example

New-PodeAuthScheme -ApiKey | Add-PodeAuth -Name 'APIKey' -Sessionless -ScriptBlock {
    param($key)

    # Handle missing API key
    if (!$key) {
        return @{ Success = $false; Reason = 'No X-API-KEY Header found' }
    }

    # Validate API key
    if ($key -eq 'test_user') {
        return @{ Success = $true; User = 'test_user'; UserId = 1 }
    }

    # Return failure for invalid users
    return @{ Success = $false; User = $key; UserId = -1; Reason = 'Not existing user' }
}
    
Add-PodeRoute -Method 'Get' -Path '/api/v3/' -Authentication 'APIKey' -NoMiddlewareAuthentication -ScriptBlock {
    $auth = Invoke-PodeAuth -Name 'APIKey'

    if ($auth.Success) {
        Write-PodeJsonResponse -Value @{ Username = $auth.User }
    } else {
        Write-PodeJsonResponse -Value @{ message = $auth.Reason; user = $auth.User } -StatusCode 401
    }
}

@mdaneri mdaneri marked this pull request as draft January 22, 2025 00:50
@mdaneri mdaneri changed the title 401response Authentication Enhancements: Invoke-PodeAuth & -NoMiddlewareAuthentication Jan 22, 2025
@mdaneri mdaneri marked this pull request as ready for review January 22, 2025 02:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mdaneri