Allow defining a route with _auth: 'TRUE' to enable all available authentication providers.

Created on 26 February 2021, almost 4 years ago
Updated 23 July 2023, over 1 year ago

Problem/Motivation

It is frustrating to define API-first routes if you do not care which authentication method is used since it can only be done programmatically. This is because the route developer can't know which methods the site builder has enabled (e.g. basic_auth) in advance, but every authentication method must be explicitly specified.

See an example in core.
See an example in contrib.

Proposed resolution

Allow routes to be defined with _auth: 'TRUE' to permit any available authentication method.

Alternative
If _auth is not defined, allow all methods instead of the default method. This would make it easier to define routes, but may break existing expectations.

API changes

Additional allowed value in a route definitions.

Data model changes

None.

Release notes snippet

Routes can now be defined to permit all enabled authentication methods without writing custom code by specifying _auth: 'TRUE' in their route definitions.

✨ Feature request
Status

Active

Version

11.0 πŸ”₯

Component
RoutingΒ  β†’

Last updated 3 days ago

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024