Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scope of the Project #1

Open
Souvikns opened this issue Sep 16, 2021 · 10 comments
Open

Scope of the Project #1

Souvikns opened this issue Sep 16, 2021 · 10 comments
Assignees
@kalzen15 @Souvikns @syshcndr @imabp

Comments

@Souvikns
Copy link
Member

What is this Project?

I am starting this project because whatever we build will inevitably need authentication and as an organization, we should have our own authentication and user database. Thus this is what this project aims to solve. Auth will be a standalone service that will handle authentication and nothing else. It will have its own database where it will store all the user data that will be public and could be consumed by anyone.

Targeted Features.

  • Login and Signup UI with our ORGs logo.
  • public API to fetch registered users. (Just authenticate not Authorization. )

@imabp should we make TechPhantoms OAUTH?
@imabp
Copy link
Member

imabp commented Sep 16, 2021

Yes I really want to make this up, we can even have a separate NPM Package, for tech phantoms auth only.. which we can use, to integrate with all our future projects.

@Souvikns
Copy link
Member Author

So I would like to open up the discussion with some of the issues I am thinking about and how we can solve them. First, let me start with defining what Auth is aiming to serve.

Auth is a microservice that has only one job, to store and maintain users. It will have a database to store all the user data and an API to consume that. I and @imabp were thinking of using supabase for your authentication. Having GitHub OAuth would be really beneficial. So now that I define the aim let's talk about the issue.

Issues

Using GitHub OAuth

Suppose we use GitHub OAuth then after the callback from GitHub it will redirect to our Auth URL, and not on any URL that the other service is listening on, then how will we use it for more than one service. As GitHub OAuth token is meant for one service only which this service will use, how can we have other services use this one service for their Authentication needs?

I did come up with some solution let me discuss it here.

  • When other services are calling this service's URL to authenticate we store that data and after a complete authentication process redirects to that service's URL that could help. Something I and @imabp were talking about you can check it here.
  • Another approach is that we have separate GitHub OAuth tokens for all other Services but use this Service to store only the user data just making sure that we have the rights to push data but anyone can read some basic public data.

Having a perfect admin role system

I would like to have a service to support API_KEYS to allow others to create applications using this. So an admin system where anyone can first sign in then generates an API key to access the developer option. Now, this is something that is not required at the moment but is a feature that would be nice to have. Still, we need a way for us to use set up this service to build other services but that allows only us, not anyone else.

So @imabp @kalzen15 @syshcndr this is something we need to brainstorm and figure out. Lets keep discussing in this issue itself.

@imabp
Copy link
Member

imabp commented Oct 2, 2021
edited
Loading

@Souvikns
Reading through GitHub OAuth, I have a better design where we can approach this.
Using a single auth server to communicate between apps and oAuth.

Here is the flow Download this as pdf
image

@uzaxirr
Copy link
Member

uzaxirr commented Oct 2, 2021
edited
Loading

@imabp @Souvikns
Hello, This seems fascinating to me Can I also contribute to this??

I have NodeJS, ExpressJS under my belt and I'm currently learning Django

@imabp
Copy link
Member

imabp commented Oct 2, 2021

Yes @uzair-ali10 why not.
Its completely open source. In this issue, our main objective is to define and design the auth system.
Please do share your inputs and improvements and once the auth system design is complete we will put it on code.

@Pranay-Narang
Copy link

I would like to have a service to support API_KEYS to allow others to create applications using this. So an admin system where anyone can first sign in then generates an API key to access the developer option. Now, this is something that is not required at the moment but is a feature that would be nice to have. Still, we need a way for us to use set up this service to build other services but that allows only us, not anyone else.

This concept seems similar to generating clients in OAuth2.0 where each client is considered as an application and given a client_id and client_secret

If I understood it right, you're essentially looking to build a service such as Keycloak which maintains a user database and supports third-party login such as GitHub right?. Please correct me if I am wrong

@imabp
Copy link
Member

imabp commented Oct 5, 2021

@Souvikns .. whats the status, are we going with the same.?

@imabp
Copy link
Member

imabp commented Oct 5, 2021

Create an epic if needed @Souvikns

@Souvikns
Copy link
Member Author

Souvikns commented Oct 5, 2021

@imabp I think we can start working on the project, we do have a proper idea about the design.

@imabp
Copy link
Member

imabp commented Oct 5, 2021

Yes @Souvikns .. Let's create the issues and start working.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kalzen15 kalzen15

@Souvikns Souvikns

@syshcndr syshcndr

@imabp imabp

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@Pranay-Narang @kalzen15 @Souvikns @syshcndr @imabp @uzaxirr