Add authentication to secure the endpoints

Question

Add authentication to secure the endpoints

Closed this issue a year ago · 4 comments

Can we have some kind of authentication for calling the endpoints?

Answer 1 · 2024-02-15T11:35:04.000Z

I think the easiest one I can think of is to use something like https://github.com/awesometic/nestjs-ip-filter and have the BPP-Client be whitelisted. What do you think?

Answer 2 · 2024-02-15T16:02:28.000Z

Since it will be only one referer that we will need to configure, that should be fine I think. Does it also support domain name apart from ip?

Answer 3 · 2024-02-15T16:14:22.000Z

I think writing a regex to give a private address range seems the easiest one from a maintenance perspective. There are examples of those in the plugin site.

Answer 4 · 2024-02-27T11:56:46.000Z

For now this will be done at a Vendure installation level rather than plugin level. Closing it for now.