[RFC PATCH] REST: enable token authentication
Stephen Finucane
stephen at that.guru
Tue May 30 18:08:40 AEST 2017
On Tue, 2017-05-30 at 16:35 +1000, Andrew Donnellan wrote:
> On 30/05/17 16:26, Russell Currey wrote:
> > What exactly does BA get used for at the moment?
>
> REST requests that update status, e.g. sending a PATCH request on a
> patch to change status from "new" to "under-review", or something
> like that.
You also need it to access the '/users' resource, though this is a bit
useless now that we expose much of this information inline with certain
resources ('/patches', for example)
I'm contemplating either removing auth for '/users', or enforcing it
for _all_ endpoints. I'm still on the fence with this though.
Stephen
More information about the Patchwork
mailing list