Before we dive into this. Why is it necessary to provide a v2 API for supporting authentication/authorization ?
Why can't we right an Authorization class that accommodates our needs [1] and apply that to all existing v1 resources ? Since authorization procedure is pretty homogeneous to all resources.
[1] unrestricted access for requests coming from Lander & GK (bundle.request.META.REMOTE_HOST matching against intercom private-address relations), read-only access to non-private content and write access to logged in users (bundle.request.user.is_authenticated)
Joe,
Before we dive into this. Why is it necessary to provide a v2 API for supporting authentication/ authorization ?
Why can't we right an Authorization class that accommodates our needs [1] and apply that to all existing v1 resources ? Since authorization procedure is pretty homogeneous to all resources.
[1] unrestricted access for requests coming from Lander & GK (bundle. request. META.REMOTE_ HOST matching against intercom private-address relations), read-only access to non-private content and write access to logged in users (bundle. request. user.is_ authenticated)