Auth

[astromatt]

I checked the documentation, tutorial and examples. I wasn't able to find anything about authentication at all. Simple login form to access dashboard and requests for telemetry data (using sessionID or JWT). Sorry for my naive question I come from backend side of development.

Am I missing something here?

Looking forward to hearing from you :)
Matt

[jvigliotta]

Hi Matt!

Good question, so, we have a basic user provider API which would give you the opportunity to have attribution for things like creating and modifying objects, but we do not have native support for any type of Authentication. All of the instances of Open MCT that we work with are behind a separate authentication system.

This hasn't been something that's been required for missions, so it's not something we've implemented, but an Open Source user could definitely create something like this.

An example set of steps to do this would be:

1. Serve Open MCT behind some other layer of authentication
2. Create a User Provider (this is our example provider, you could customize a user provider for your needs): ExampleUserProvider.js that would work with that authentication service
3. Use the user API: UserAPI.js to get user information/role, etc from the authentication service
4. Create an object provider (this is our local storage object provider for reference): LocalStorageObjectProvider.js and in your provider, you can check against the logged in user or any stored tokens
5. Create a telemetry provider (this is our example event telemetry provider for reference): EventTelemetryProvider.js and in your subscribe and request methods, you could check against the logged in user/role as well, add any tokens, etc

[astromatt]

Thank you very much for hints. I will explore those areas and if I come up with anything clever (and reusable) I will make a pull request to contribute.

[jvigliotta]

Of course, feel free to reach out if you have more questions!