RubyGems Authentication
Implementation plan (2 MRs)
-
Create a skeleton of the API that includes all routes, returning 404 in all responses. -
Add logic for authentication. - We should have users save their PATs and/or other tokens in the
~/.gem/credentialsfile as outlined at the bottom of the notes. This prevents confusion with the login prompt of "email", and also will be helpful when we use CI, we can generate this file and add the CI_JOB_TOKEN directly. Routes should return 401 if unauthorized, and 404 if authorized.
- We should have users save their PATs and/or other tokens in the
References
- A summary of all routes are listed here: #216517 (comment 485886685)
- Authentication notes are here: #216517 (comment 484929459)
- Main RubyGems issue: #803
- Investigation issue: #216517 (closed)
Edited by Steve Abrams