Allow requiring authentication for all operations #7091
Comments
jdemilledt
added
the
C-feature-request
|
I am beginning to program a solution to this. |
|
This may need an RFC process to move forward, since authentication can be a tricky thing, and different people may have different requirements. I think ideally the authentication requirements for a registry would be defined in config.json. Just including the token in more requests would be trivial. But there may be more to do, and it would be good if was easy to extend in the future. cc #6843 |
Currently, all methods but Sure, token based authentication won't fulfill all users need, but when another authentication method will be implemented, the other API methods has to be changed as well and the tokens may be used as default. |
|
I'm also waiting for this feature. |
|
👍 from us at @cloudsmith-io; we've got customers that have asked us to implement the search endpoints, but without authentication this makes it difficult to do that. |
|
Has there been any progress made on this? We're trying to encourage rust/cargo adoption in a corporate environment (using Artifactory), but requiring anonymous access is a pretty big showstopper. Happy to chip in if there's an opportunity to help move it along! |
|
There is currently an RFC up for review at rust-lang/rfcs#3139. |
|
The RFC is now accepted. I'm going to close in favor of the tracking issue at #10474. |
Describe the problem you are trying to solve
Currently, for methods such as search, cargo does not offer authentication to alternative registries. For companies with private projects, this is an issue.
Describe the solution you'd like
Have a config option (or automatically) to pass Authorization headers to all API functions.
Notes
Adds on to #6843.
The text was updated successfully, but these errors were encountered: