Authentication questions - anonymous and long-life tokens?


#1

Hi -

Two questions in regards to REST API access:

1.) Is it possible to allow anonymous access to the REST APIs? I’m assuming “guest access” was this, but in testing, that seems not to be the case. I’ve checked off “Guest Access”, assigned a guest role and allowed GET access in the service definition. When I try to read passing in only the API app name, I receive back:

{"error":[{"context":null,"message":"Access to application ': rest-data' is not provisioned for this user's role.","code":403}]}

Is it possible to allow anonymous GET access? Am I using guest access correctly?

2.) Also, does DSP allow for “long-life tokens” or application tokens for API access? Instead of providing a username and password, then a token for that session, is it possible to generate a token that doesn’t expire and wouldn’t need username/password to generate?

Thanks,

Jason


#2

On #1, that was a config error on my part - Guest Access does allow for anonymous access to the API.


#4

On #2, the DSP allows guest access as you have noticed. All other access currently requires user authentication (via email/password or OAuth) allowing for our user-role management and service accesses. As we prepare for 2.0, authentication and session management are being looked at again and your request will be taken into consideration.


#5

Makes sense - thanks Lee!


#6

I am calling user authentication from a PhoneGap app to a DSP installed on an Ubuntu Server on DigitalOcean. Should there be any reason that the authentication call is so much slower than, say, a data read call?


#7

No, it’s just another API call so performance should be similar to a data read call. Can you try authenticating outside your PhoneGap app, like with cURL, and see if performance on user auth is similarly slow?

curl -k -3 -X POST https://dsp-yourdsp.cloud.dreamfactory.com/rest/user/session \
 -H "X-DreamFactory-Application-Name: yourapp" \
 -d '{ "email" : "foo@bar.com", "password" : "yourpassword" }'

Also, what version of DreamFactory are you on, so we can take a look if there is some issue.
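
The comparison suggested in the reply above can be made more precise by splitting each request into phases, which shows whether a slow login is spent on the network or on the server. This is an added example, not part of the original thread or DreamFactory's own code; the `phases` and `measure` helpers and the sample timings are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: split one request's wall time into phases with curl's
# -w timers, to separate network setup from server-side processing.

# curl write-out format: cumulative seconds since the request started.
FMT='%{time_namelookup} %{time_connect} %{time_appconnect} %{time_starttransfer} %{time_total}'

# phases "<dns> <connect> <tls> <first_byte> <total>"
# Prints per-phase durations. "server" is the wait from the end of
# connection setup to the first response byte, so it still contains
# one network round trip in addition to the server's own work.
phases() {
  echo "$1" | awk '{
    setup = ($3 > 0) ? $3 : $2   # time_appconnect is 0 for plain HTTP
    printf "dns=%.3f tcp=%.3f tls=%.3f server=%.3f download=%.3f\n",
      $1, $2 - $1, setup - $2, $4 - setup, $5 - $4
  }'
}

# measure <curl args...>: run one request and print its phase breakdown.
# Usage, with the placeholder values from the reply above:
#   measure -X POST https://dsp-yourdsp.cloud.dreamfactory.com/rest/user/session \
#     -H "X-DreamFactory-Application-Name: yourapp" \
#     -d '{ "email" : "foo@bar.com", "password" : "yourpassword" }'
measure() {
  phases "$(curl -s -o /dev/null -w "$FMT" "$@")"
}

# Constructed sample timings (not measurements from this thread):
# identical network setup, very different server wait.
LOGIN_SAMPLE='0.250 0.600 1.400 8.900 9.000'
READ_SAMPLE='0.250 0.600 1.400 1.900 2.000'

echo "login: $(phases "$LOGIN_SAMPLE")"
echo "read:  $(phases "$READ_SAMPLE")"
```

If `dns`, `tcp` and `tls` are the same for the login and the data read but `server` differs, the extra time is being spent on the server rather than on the client's connection.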


#8

I am using v1.5.9. I tried the curl command and it takes about the same time as the login from the PhoneGap app. Login takes around 8-10 seconds while a db query replies in 1-2 seconds. I have only 3 users defined in my app.


#9

That’s unusual. All of those calls should be way faster, including the db query.

This could be something config related. An engineer will need to look at your environment and troubleshoot. Please contact support@dreamfactory.com so we can get a ticket going.


#10

If it’s helpful for comparison as a fellow end-user/developer, I’m getting response times within 400-600ms for a small DigitalOcean virtual server running Apache and Postgres. I agree - something seems off if it’s returning in 8-10 seconds for a simple user session lookup. Hopefully it’s a config setting or similar as you should definitely be getting better performance for your mobile app. Sounds like you are queued up for support and will figure this out, would love to hear what it was in the end!


#11

Remember, I am connecting to the DigitalOcean server from the Philippines and our internet connection is slow.

I made a read only user that you guys can test.

curl -k -3 -X POST http://df.systemacorp.com/rest/user/session -H "X-DreamFactory-Application-Name: dormfinder" -d '{ "email" : "dfclient@systemacorp.com", "password" : "systema" }'

Could the difference in response times between a login and db query be related to the implementation of user.login and db.getrecords?


#12

What’s your URL? Looks like you didn’t copy in the whole thing.


#13

curl -k -3 -X POST http://df.systemacorp.com/rest/user/session -H "X-DreamFactory-Application-Name: dormfinder" -d '{ "email" : "dfclient@systemacorp.com", "password" : "systema" }'

Here is the corrected URL. Sorry.


#14

I can’t connect to that host. Try cURL and let me know when you get a response, then I’ll try again. Make sure the URL is https.

curl -k -3 -X POST https://df.systemacorp.com/rest/user/session -H "X-DreamFactory-Application-Name: dormfinder" -d '{ "email" : "dfclient@systemacorp.com", "password" : "systema" }'