potiuk commented on issue #66804: URL: https://github.com/apache/airflow/issues/66804#issuecomment-4433637323
It goes totally opposite the way we've done with Auth - whenever there is something generic, that is not serving the "core" of airflow functionality, we should think how to move it out, not to bring it in. I think that one is hard no for me if it comes to code changes. And if you think this is a problem: ``` (a) Put a rate-limiter (envoy/nginx) in front of api-server and tag by user — but the username isn't always available at the proxy layer for token-auth flows. ``` We should rather think of a way how to expose the necesary missing things for the gateways rather than bringing in the whole functionalities they offer (Headers and cookies are the right ways to think about it I think). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
