Hex Web Auth Flow

[starbelly]

Background

We have discussed in various issues moving to a "web auth flow" for authenticating with mix and rebar3 hex. I would like for the group to over the flow, discuss the pros and cons, and to formulate a time line if possible for moving to this. One big looming question for myself is : Will we all together stop password auth or will it be optional? This discussion is also in prep for completing the tasks in #11

Objective(s)

• Create an issue describing the approach, pros/cons, and strategy/timeline
• Enumerate that tasks that must be completed in order to start work on web auth
• Enumerate the tasks that must be completed to implement web auth flow.

[josevalim]

Perhaps this could be a project for Google Summer of Code? Implementation wise it is a matter of implementing the relevant Hex APIs and then invoking them from the client. :)

[starbelly]

@josevalim I think that's a great idea. I'll be a mentor on gsoc so :)

[pablocostass]

I agree, this could be a neat proposal for GSoC. I was about to create an agenda item to discuss proposals within the WG, so it's great to already have one idea :)

[starbelly]

Closed per today's discussion and #21