-
Notifications
You must be signed in to change notification settings - Fork 28
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
69 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| --- | ||
| title: Testing API Key Authentication | ||
| --- | ||
|
|
||
| When running tests there are several ways you might want to handle API Key | ||
| authentication. This document outlines a few strategies for testing with API Key | ||
| authentication both locally and in deployed environments. | ||
|
|
||
| ## Testing Locally | ||
|
|
||
| When running API key Authentication locally, if you | ||
| [link](/docs/cli/local-development) the project to an project the same API Key | ||
| Bucket used in working copy will also be used for local development. | ||
|
|
||
| Alternatively, you can specify any API Key Bucket on the | ||
| [API Key Authentication](/docs/policies/api-key-inbound) policy by setting the | ||
| `bucketName` property. | ||
|
|
||
| ## Selectively Disabling | ||
|
|
||
| :::danger | ||
|
|
||
| Be extremely careful using this strategy. If configured incorrectly this could | ||
| leave your API open to unauthorized access. | ||
|
|
||
| ::: | ||
|
|
||
| Another option is to disable authentication on endpoints for testing purposes. | ||
| One way of doing this is to configure the | ||
| [API Key Authentication](/docs/policies/api-key-inbound) policy to allow | ||
| unauthenticated requests through. This can be done by setting | ||
| `allowUnauthenticatedRequests` to true. | ||
|
|
||
| In order to enforce authentication with this setting disabled, you can create a | ||
| policy that comes after that selectively enforces auth based on some condition. | ||
|
|
||
| For example, an environment variable flag could be used to disable auth with the | ||
| following policy. | ||
|
|
||
| ```ts | ||
| import { | ||
| ZuploContext, | ||
| ZuploRequest, | ||
| environment, | ||
| HttpProblems, | ||
| } from "@zuplo/runtime"; | ||
|
|
||
| export default async function enforceAuth( | ||
| request: ZuploRequest, | ||
| context: ZuploContext, | ||
| ) { | ||
| if (environment.DISABLE_AUTH === "AUTH_DISABLED") { | ||
| return request; | ||
| } | ||
|
|
||
| if (!request.user) { | ||
| return HttpProblems.unauthorized(request, context); | ||
| } | ||
|
|
||
| return request; | ||
| } | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -331,6 +331,7 @@ const sidebars = { | |
| "cli/test", | ||
| "cli/tunnels", | ||
| "cli/variables", | ||
| "cli/local-development", | ||
| ], | ||
| }, | ||
| ], | ||
|
|
||
019c8edThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Successfully deployed to the following URLs:
docs – ./
docs.zuplo.site
docs.zuplopreview.net
docs-git-main.zuplopreview.net