An Eve-Demo fork intended to demonstrate how you can protect API endpoints by extending your Eve application with Flask-Sentinel.
Flask-Sentinel extends the main Eve application by providing a token creation endpoint at /oauth/token and a users and clients management endpoint at /oauth/management.
In order to be granted access to regular API endpoints (/people/ and /works/) a client must first obtain a valid token by hitting the token creation endpoint with valid client id, username and password. The returned token will then be used for subsequent requests until it eventually times out.
For details on how to perform token and endpoint requests see Flask-Sentinel.
Besides extending your Eve instance with Flask-Sentinel you might also opt to provide your auth service as a different, isolated application. This would be a good choice if you are concerned about scalability and availability of your services. Redis would then serve as a bridge between the applications, and could itself reside on a different server, allowing for a totally distributed and isolated network of (micro?) services.
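The token lifecycle described above (issue on the auth side, check on the API side, expire after a timeout) can be modelled as follows. This is an added example, not code from Eve-OAuth2 or Flask-Sentinel; the TokenStore class stands in for the shared Redis instance, and the key naming, digest storage and default TTL are assumptions of the example.

```python
import hashlib
import secrets
import time


class TokenStore:
    """In-memory stand-in for the shared Redis instance (keys carry a TTL)."""

    def __init__(self, clock=time.monotonic):
        self._data = {}
        self._clock = clock

    def setex(self, key, ttl, value):
        self._data[key] = (value, self._clock() + ttl)

    def get(self, key):
        value, expires = self._data.get(key, (None, 0.0))
        if value is not None and self._clock() >= expires:
            del self._data[key]  # expired: behave as if the key was never set
            return None
        return value


def store_key(token):
    # This example's choice: keep only a digest, so a dump of the store
    # does not hand out usable bearer tokens.
    return "token:" + hashlib.sha256(token.encode()).hexdigest()


def issue_token(store, username, ttl=3600):
    """Auth-service side: call only after client id, username and password check out."""
    token = secrets.token_urlsafe(32)
    store.setex(store_key(token), ttl, username)
    return token


def bearer_token(header):
    """Return the token from 'Bearer <token>', or None if the header is malformed."""
    parts = (header or "").split()
    if len(parts) != 2 or parts[0].lower() != "bearer":
        return None
    return parts[1]


def authorize(store, header):
    """API side: return the token's user, or None if missing, unknown or expired."""
    token = bearer_token(header)
    return store.get(store_key(token)) if token else None
```

Because both sides only touch the store through setex and get, the auth service and the API can run as separate processes that share nothing but the store.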
Eve-OAuth2 is a Nicola Iarocci and Gestionali Amica open source project distributed under the BSD license.