Skip to content
Snippets Groups Projects

API Key implementation on frontend

    • Closed Issue created by sghosh @sghosh

    All APIs to be authenticated via header key Authorization

    As of now, a single API Key for all APIs is to be used by the frontend client. In the future can implement separate keys for separate clients.

    Edited

    Designs

      Child items ...

      2. Activity

      • sghosh assigned to @moon

        assigned to @moon

      • sghosh marked this issue as related to dd-code-api#27 (closed)

        marked this issue as related to dd-code-api#27 (closed)

      • sghosh
        sghosh @sghosh ·
        Author Maintainer

        When this is done, a backend pull needs to be made to get the respective code running on the API server as well. Concerned commit for the api codebase is dd-code-api@56eeb5df

        A new env variable API_KEY needs to be added, which would be the actual api_key. This key can be rotated from time-to-time to ensure security.

        • moon
          moon @moon ·
          Maintainer

          Could we use html header for using api_key instead of url get parameter? It would be nice to hide api-key from the url string. How do you think?

          import json
import requests


api_token = 'your_api_token'
api_url_base = 'https://api.ddcode.com/v2/'
headers = {'Content-Type': 'application/json',
           'Authorization': 'Bearer {0}'.format(api_token)}
          Edited by moon
        • sghosh
          sghosh @sghosh ·
          Author Maintainer

          Agreed. It's better that way. I added Authorization checked from headers.

        • Please register or sign in to reply
      • sghosh changed the description

        changed the description

      • moon closed

        closed

      Please register or sign in to reply