@hadijah315, @waweru, it turns out you have discovered the first place where we’re going to need to make a change to the OCL REST API.
I just had a skype chat with @paynejd which I will summarize here:
Currently OCL has some tech debt, where they redundantly store user accounts across the web and API. The OCL REST API actually only supports token-based authentication. ocl-web allows you to log in with a username and password, and get the token. However we are not using ocl-web, so we need to make some changes…
Quick hack to do now
- Change the login screen in our new UI so that instead of asking for a password, it asks for a token.
- of course this is terrible UI design; it’s only temporary to unblock us.
- For now a user would need to log into the existing ocl-web application (at openconceptlab.org) and copy-paste their API token. (If you log in, and look at your account, it’s on the bottom left as “API Token:”.)
- Our application should use this token when making all the REST calls
Need to add a way to authenticate to the REST API using username and password.
- Is there someone on the team with some python/django experience who could look into how we’d solution this?
- Once we have an approach in mind, propose it as a new topic on this forum, to make sure that other stakeholders are okay with the API change.
- Then we can implement it.