Skip to content
GitLab
    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    Projects Groups Snippets
  • Sign up now
  • Login
  • Sign in
  • W website
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 85
    • Issues 85
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1
    • Merge requests 1
  • Deployments
    • Deployments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • Video AG InfrastrukturVideo AG Infrastruktur
  • website
  • Merge requests
  • !42

Feature: Authorize helper

  • Review changes

  • Download
  • Email patches
  • Plain diff
Merged Nils Beyer requested to merge nilsb/video-ag-website:authorize_helper into master Sep 24, 2021
  • Overview 10
  • Commits 5
  • Pipelines 0
  • Changes 7

Related issues: #387 (closed)

Currently, authorization for video playback is mostly based on Basic Auth and alert banners in the video player. This leads to problems like in MaLo where users have to cancel the basic auth in order to access RWTH-SSO login. Furthermore, no helper text can be specified.

This merge request implements an authorization helper which allows users to select their authorization method before video playback. Furthermore, it stores login/password details no longer in the HTTP-Authorization header, but in an session entry. This allows users to switch between videos with different passwords without having to re-authenticate.

image

Points worth discussing:

  • Is it okay to store login/password in the session? Others suggested to store specifically which videos/lectures were authorized. This is more complex, and login/passwords used for video playback should not be personal.
Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: authorize_helper