Authentication¶
chime-frb-api uses an ACCESS_TOKEN and an optional REFRESH_TOKEN to authorize HTTP Requests against the CHIME/FRB backends. For a deeper look at these tokens visit the developer section.
The authentication process can be reduced to the following steps:
- Generate tokens with proper credentials, i.e. username/password.
- Attach the
ACCESS_TOKENwith HTTP Requests to validate them - Regenerate the
ACCESS_TOKENusing theREFRESH_TOKENwhen it expires
How to generate tokens?¶
chime-frb-api manages the creation, use and refreshing of tokens automatically and always prefers to use tokens over asking for credentials. In the order of decreasing preference, chime-frb-api looks for authentication components in the following locations:
-
Arguments passed when creating the backend object
-
If no arguments are passed, chime-frb-api will then look for them in the user environment,
BashFRB_MASTER_ACCESS_TOKEN=<TOKEN> FRB_MASTER_REFRESH_TOKEN=<TOKEN> FRB_MASTER_USERNAME=debug FRB_MASTER_PASSWORD=debugDeprecation warning
In the future
FRB_MASTER_ACCESS_TOKENwill be changing toCHIME_FRB_ACCESS_TOKEN, andFRB_MASTER_REFRESH_TOKENwill change toCHIME_FRB_REFRESH_TOKEN. For now, both can be used but former will be disabled eventually. -
Finally, if no arguments are passed or are available via the local environment, chime-frb-api will ask the user to generate tokens. This can be done using either of the following methods:
- A CLI tool from the command line:
or
- From Python:
Note
Generating a new access token using your credentials invalidates the currently issued refresh token.
User Workflow¶
Ideally, you should only need to generate your token once, and then save it to your environment.
or
from chime_frb_api.backends import frb_master
master = frb_master.FRBMaster()
master.API.generate_token(username=username, password=password)
Find your tokens¶
master.API.access_token "your.very.long.access.token" master.API.refresh_token "your-shorter-refresh-token"