Can someone give me a quick overview of how the lo...
# getting-started
c
Can someone give me a quick overview of how the login functionality is working in datahub? I looked at the requests it makes and the code as well.. What I understood from there was it makes an
POST
call to
/authenticate
route with username and password which returns a
PLAY_SESSION
cookie no matter what the username and password is being passed ( I am aware of the dummy login which is used right now ). After that it makes a
GET
request to
api/v1/user/me
route with the
PLAY_SESSION
cookie and this route verifies whether the username is actually present or not and sends a response based on that. But I am not able to understand how is the API hit to
api/v1/user/me
logging out a username that is not present. As in, it does not change the cookie or anything. Inside the code as well I am not able to see any logout trigger from
getLoggedInUser
( as per the
datahub-frontend/conf/routes
file, this is the function that is being hit by
api/v1/user/me
route.. )
Actually I was trying to setup
oauth-proxy
(https://github.com/oauth2-proxy/oauth2-proxy) on top of datahub. I modified the oauth-proxy code to hit
/authenticate
route and set the cookie it returns. The cookie being returned is correct ( I can verify by setting this cookie in an actual logged in session and it works there.. ) Now, when I try to login via oauth-proxy
PLAY_SESSION
is getting set correctly in the browser, but I am not getting logged in as the
api/v1/user/me
has not been hit.. Also, even if I hit the route it does not modify or add any cookie to what is already present.. So I don’t understand the need to hit this route in the first place. Secondly, Just to make sure,
api/v1/user/me
is not setting anything from the backend as well. I tried hitting it as a CURL command from my terminal separately. But I am still not able to login..
m
I know by default our quickstart docker stuff has no authentication (on purpose, it is just a demo). @bumpy-keyboard-50565 @steep-airplane-62865 do we have docs on how to set up real authentication?
err @enough-house-33388
e
I believe the logout code for
api/v1/user/me
resides in Ember side (JavaScript) and is triggered by this line when the corresponding user info isn't found in GMS: https://github.com/linkedin/datahub/blob/master/datahub-frontend/app/controllers/api/v1/User.java#L56