htsget-portal auth crate #219
Description
htsget the server/API - is also hosting a webpage with /login endpoints.
Also throw into the mix that an individual might be getting data from two (or more) different releases in Elsa. So whilst we might have a token that allows them access to everything - we might also have a token that downscopes to specific releases.
Because maybe they want to hand that token over to a research environment/WES endpoint or something
And they only want it to have access to some of the data - not everything the person has ever been entittled to access
The other "cool" thing we can start to think about is how to insert htsget endpoints into trusted research environments. So if we are doing AWS Access Point sharing to a specific VPC - can we also spin up a htsget endpoint in that VPC and have that be the only mechanism to access the data. So it is handing out "signed" S3 urls - but those S3 urls are themselves only useable from within the compute in that VPC.