V8-archive: Authenticating user in a custom endpoint

Created on 11 Apr 2019  路  9Comments  路  Source: directus/v8-archive

Feature Request

  1. Adding useful information to the docs about how to authenticate a user in a custom endpoint.
  2. implying that 'project name' is needed before the path of the custom endpoint:
    docs state:
    The following file path: A file stored in public/extensions/custom/endpoints/example/endpoints.php will be accesible in /custom/example endpoint. When using directories the entrypoint file is endpoints.php.
    '_' is missing before the '/custom/example'

    What problem does this feature solve?

How do you think this should be implemented?

Would you be willing to work on this?

Yes, of course

docs
Source
picture dev4449
👍4

Most helpful comment

I've dug a little bit into the Directus source code and prepared a basic example on how to authenticate a user on a custom endpoint with a static token.
The example is composed of a small mixin that retrieves the auth token from the request and then pass it to the Directus API, plus a sample custom endpoint implementing the mixin.
https://gist.github.com/apiraino/aa2a2302afa54b3e1c22b990acddc8cf

Pretty basic but it should give the idea.

Directus exposes its public APIs under \Directus\Services, there's a lot of interesting stuff there.

hth

picture apiraino on 13 Feb 2020
3 👍1

All 9 comments

Perhaps this is related:
https://github.com/directus/docs/issues/163

circletime picture circletime on 19 Jun 2019

@benhaynes I've made my first custom endpoint and would like to authenticate the user in it, is there any example in the docs somewhere? 馃檹馃徏 th盲nk y枚眉!

gianpesto picture gianpesto on 22 Jan 2020
1

Hmm, that would be a question for @rijkvanzanten

benhaynes picture benhaynes on 22 Jan 2020

Passing that on to @bjgajjar

rijkvanzanten picture rijkvanzanten on 22 Jan 2020
👍1

pass it around @bjgajjar 馃槀

gianpesto picture gianpesto on 27 Jan 2020

@bjgajjar I'd be interested in this as well. Currently there seems to be no good option/example on how to limit access to custom endpoints? By default anyone (without authentication) can use all custom endpoints. We'd like to limit it to logged in users/access the user-object.

herrfinke picture herrfinke on 31 Jan 2020
👍3

Any workaround for this?

Is there any way to check if the user is authenticated inside the handler?

joaojoyce picture joaojoyce on 10 Feb 2020

I've dug a little bit into the Directus source code and prepared a basic example on how to authenticate a user on a custom endpoint with a static token.
The example is composed of a small mixin that retrieves the auth token from the request and then pass it to the Directus API, plus a sample custom endpoint implementing the mixin.
https://gist.github.com/apiraino/aa2a2302afa54b3e1c22b990acddc8cf

Pretty basic but it should give the idea.

Directus exposes its public APIs under \Directus\Services, there's a lot of interesting stuff there.

hth

apiraino picture apiraino on 13 Feb 2020
3 👍1

Also, cross-referencing with the documentation is useful:
https://docs.directus.io/api/authentication.html

apiraino picture apiraino on 18 Feb 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

cdwmhcc picture cdwmhcc  路  3Comments
rijkvanzanten picture rijkvanzanten  路  3Comments
ondronix picture ondronix  路  3Comments
vuhrmeister picture vuhrmeister  路  3Comments
metalmarco picture metalmarco  路  3Comments