Authentication

[rolfyone]

• Add an endpoint /eth/v1/keystores/auth that is not protected by any form of authentication. It returns a response with an absolute path to a file containing an auth token. The assumption here is that the user of the VC API is a privileged entity with access to the machine the VC is running on, and permission to read this file. - @michaelsproul
  { "token_path": "/home/michael/.lighthouse/mainnet/validators/api-token.txt" }
• All other endpoints require an Authorization: Bearer $token header with the value of the token loaded from token_path. The intention is that the token remains the same across multiple VC restarts, unless the user specifically regenerates a new token (this can happen out of band, e.g. by deleting the file and restarting the VC, or using a non-standard API).- @michaelsproul
• Introduce a new flag command to generate the token into a file, and introduce a new flag to enable APIs - @james-prysm

[nflaig]

Most of the points have been addressed in #74. There was some discussion in that PR as well if we wanna add an unauthenticated api which returns the token path as suggested in this issue but there hasn't been any demand for this so far, and since it's is now possible to customize the path via CLI flag, this seems a bit redundant to implement.

Can we consider this closed?

[michaelsproul]

Yeah I'm happy to close this.