foss42
Adding Support for API Authentication Methods
Tell us about the task you want to perform and are unable to do so because the feature is not available
This meta issue is to track support for various API authentication methods in API Dash
Hi, I would love to work on this issue for Google Summer of Code 2025. What would you suggest me to do to prepare me for starting this project and/or preparing my application for me to start this project? Are there any additional resources I should look at other than the links provided in #565 or the flutter/dart documentation?
Thanks, Vivan Waghela
Hi, I would love to work on this issue for Google Summer of Code 2025. What would you suggest me to do to prepare me for starting this project and/or preparing my application for me to start this project? Are there any additional resources I should look at other than the links provided in #565 or the flutter/dart documentation?
Thanks, Vivan Waghela
@highjeans The application guide answers all your questions. You can read it here
Hi @ashitaprasad,
I’m Paniv Kapoor, and I’m really interested in working on the GSoC’25 project "Adding Support for API Authentication Methods" (Issue #609). I had a few doubts and was hoping you could clarify them.
In the project description, there are multiple sub-issues listed:
Basic Authentication – Sending a verified username and password with API requests (#610) API Key Authentication – Sending a key-value pair in the request headers or query parameters (#611) Bearer Token Authentication – Using an access key like a JSON Web Token (JWT) (#612) JWT Bearer Authentication – Generating JWT bearer tokens to authorize requests (#613) Digest Authentication – Involves a challenge-response mechanism where a nonce value is used to create a one-time-use hash key (#614) OAuth 1.0 Authentication (#615) OAuth 2.0 Authentication (#481) My question is: Does the GSoC project require implementing all these authentication methods (#610 to #615 and #481), or should I focus on specific ones?
Additionally, if you have any suggestions on where to start or relevant resources for learning more about API authentication in Dart and Flutter, that would be really helpful!
Looking forward to your guidance. Thanks!
Best, Paniv Kapoor
Hi @ashitaprasad,
I’m Paniv Kapoor, and I’m really interested in working on the GSoC’25 project "Adding Support for API Authentication Methods" (Issue #609). I had a few doubts and was hoping you could clarify them.
In the project description, there are multiple sub-issues listed:
Basic Authentication – Sending a verified username and password with API requests (#610) API Key Authentication – Sending a key-value pair in the request headers or query parameters (#611) Bearer Token Authentication – Using an access key like a JSON Web Token (JWT) (#612) JWT Bearer Authentication – Generating JWT bearer tokens to authorize requests (#613) Digest Authentication – Involves a challenge-response mechanism where a nonce value is used to create a one-time-use hash key (#614) OAuth 1.0 Authentication (#615) OAuth 2.0 Authentication (#481) My question is: Does the GSoC project require implementing all these authentication methods (#610 to #615 and #481), or should I focus on specific ones?
Additionally, if you have any suggestions on where to start or relevant resources for learning more about API authentication in Dart and Flutter, that would be really helpful!
Looking forward to your guidance. Thanks!
Best, Paniv Kapoor
If undertaken as a GSoC project all the issues have to be resolved.
A good place to start will be to take a real world API which requires auth and connect it using Dart.
Hii @animator , Thanks for guiding. Are you one of the mentor for this project?
Hii @animator , Thanks for guiding. Are you one of the mentor for this project?
Yes
Thanks for clarifying
Hii @animator , Thanks for guiding. Are you one of the mentor for this project?
Yes
Thanks for clarifying 😊. Could you please clarify that if there is any qualification task for this project or I just need to send the proposal directly??.
Thanks for clarifying
Hii @animator , Thanks for guiding. Are you one of the mentor for this project?
Yes
Thanks for clarifying 😊. Could you please clarify that if there is any qualification task for this project or I just need to send the proposal directly??.
Every project is designed in such a way that you have to send some PR solving a small part of the issue. Like in this case sending a draft PR adding any 1-2 of the auth methods mentioned above. It will also give you a better idea of the problem so that you can draft a better proposal.
Thanks for clarifying
Hii @animator , Thanks for guiding. Are you one of the mentor for this project?
Yes
Thanks for clarifying 😊. Could you please clarify that if there is any qualification task for this project or I just need to send the proposal directly??.
Every project is designed in such a way that you have to send some PR solving a small part of the issue. Like in this case sending a draft PR adding any 1-2 of the auth methods mentioned above. It will also give you a better idea of the problem so that you can draft a better proposal.
So is this a compalsary task to perform before submitting the proposal??
Thanks for clarifying
Hii @animator , Thanks for guiding. Are you one of the mentor for this project?
Yes
Thanks for clarifying 😊. Could you please clarify that if there is any qualification task for this project or I just need to send the proposal directly??.
Every project is designed in such a way that you have to send some PR solving a small part of the issue. Like in this case sending a draft PR adding any 1-2 of the auth methods mentioned above. It will also give you a better idea of the problem so that you can draft a better proposal.
So is this a compalsary task to perform before submitting the proposal??
We have already mentioned all essential information in the GSoC Application Guide https://github.com/foss42/apidash/discussions/564
You can go through it.
@animator Hi sir!! I have raised a PR #680 that will potentially close the issue #610 successfully and this also serves as the base for adding other authorizations also. I would really like you to review it and tell me what's right or wrong so that i can improve the code/ my approach. i would really love to discuss about it and close these all issues before the GSoc itself.
@animator Hi sir!! I have raised a PR #680 that will potentially close the issue #610 successfully and this also serves as the base for adding other authorizations also. I would really like you to review it and tell me what's right or wrong so that i can improve the code/ my approach. i would really love to discuss about it and close these all issues before the GSoc itself.
Sure we will review it
Hello API Dash Team!
I'm Hanzi, a fourth-year Computer Science student at McGill University passionate about tech startups and looking to get involved in GSoC. After exploring API Dash's codebase, I've noticed inconsistent approaches to authentication features across PRs.
To address this, I propose a standardized approach following API Dash's architecture:
-
Unified Authentication Model: A freezed-based
AuthenticationModelin the core package -
Single Integration Point: One update to
HttpRequestModelto include authentication - Consistent UI Pattern: Standard "Auth" tab in the request editor
This would allow contributors to implement different auth methods (Basic, Bearer, OAuth, etc.) independently while maintaining consistency with the project's patterns and ensuring backward compatibility.
Is this approach aligned with the project's vision? I'd be happy to submit a PR with this foundation to enable structured collaboration.
@hanzili You can submit your proposal in the GSoC website and submit a PR for your approach.