Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ENH] Add authentication to /query route #323

Merged
merged 6 commits into from
Jul 17, 2024
Merged

[ENH] Add authentication to /query route #323

merged 6 commits into from
Jul 17, 2024

Conversation

alyssadai
Copy link
Contributor

@alyssadai alyssadai commented Jul 17, 2024

Changes proposed in this pull request:

  • /query route now expects an authorization token by default
  • added logic to verify token using google-auth
  • added new optional env vars:
    • NB_QUERY_CLIENT_ID: Client ID of query tool
    • NB_ENABLE_AUTH: Whether or not to enable authentication (will determine if client ID is also checked)
  • existing tests of /query route updated to use mock token
  • added filters to tests of startup events to suppress the startup warning about unset NB_API_ALLOWED_ORIGINS (when this warning is irrelevant to the test)

Checklist

This section is for the PR reviewer

  • PR has an interpretable title with a prefix ([ENH], [FIX], [REF], [TST], [CI], [MNT], [INF], [MODEL], [DOC]) (see our Contributing Guidelines for more info)
  • PR has a label for the release changelog or skip-release (to be applied by maintainers only)
  • PR links to GitHub issue with mention Closes #XXXX
  • Tests pass
  • Checks pass

For new features:

  • Tests have been added

For bug fixes:

  • There is at least one test that would fail under the original bug conditions.

@alyssadai alyssadai added the pr-minor-breaking Feature or enhancement that breaks compatibility, will increment minor version (0.+1.0) label Jul 17, 2024
@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 9965920732

Details

  • 105 of 107 (98.13%) changed or added relevant lines in 8 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.2%) to 95.927%

Changes Missing Coverage Covered Lines Changed/Added Lines %
app/api/security.py 18 19 94.74%
tests/test_security.py 26 27 96.3%
Totals Coverage Status
Change from base Build 9820579396: 0.2%
Covered Lines: 683
Relevant Lines: 712

💛 - Coveralls

@rmanaem rmanaem self-requested a review July 17, 2024 15:50
Copy link
Collaborator

@rmanaem rmanaem left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @alyssadai! This is good to go 🧑‍🍳

@alyssadai alyssadai merged commit 07a6afa into main Jul 17, 2024
8 checks passed
@alyssadai alyssadai deleted the add-auth branch July 17, 2024 17:59
Copy link

neurobagel-bot bot commented Aug 2, 2024

🚀 PR was released in v0.3.0 🚀

@neurobagel-bot neurobagel-bot bot added the released This issue/pull request has been released. label Aug 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pr-minor-breaking Feature or enhancement that breaks compatibility, will increment minor version (0.+1.0) released This issue/pull request has been released.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add authentication to /query route
3 participants