-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve authentication mechanism #19
Comments
Are there any standards and/or golang libraries you prefere for this? As I want to look into the actual implementation of such auth a little bit. |
Hm, I think this depends on the goals we want to achieve:
Personally, I'd prefer sticking to the CLI because it is less work to maintain, but happy to receive input on this. |
OAuth sounds fine for me. It is a widely adopted standard so it can be used for a GUI later too. Maybe an option for longterm (limitied access) tokens might be great too. |
I searched a bit through the available libraries. There are 2 gin-specific oauth libraries one based on the basic oauth lib and another one from zalando. But both are not updated in the last few years. Another option would be to just use the basic oauth2 lib, that would also give some more freedom in handling the authentication, e.g. if you plan to make authentication mechanics switchable via config options. |
I think the first option |
I implemented oauth as an optional authentication mechanism in a branch of my fork. I would enjoy any comments and ideas on how to improve it further. Currently the only thing I am missing (and want to implemented) is the ability to create longterm tokens. I intentionally tried to apply a modular scheme to the authentication process, so that other authentication methods can easily be implemented if needed. |
That's awesome! Would you mind creating a pull request for it? We can treat it as WIP, but it makes the review more convenient. |
Sure created #29 |
Thanks, will have a look on Tuesday! |
Most importantly, we should enable authentication via, e.g., OAuth bearer tokens, and support 2FA.
The text was updated successfully, but these errors were encountered: