Secure the API and Dashboard

[benoit-cty]

CodeCarbon API and Dashboard are open to everyone. We think it will be better to have a way to segregate the data : only the owner of the organization could decide who has access to the data.

We need to allow:

• Keycloak user management : we choose this tool to allow third party authentication like GitHub or private company LDAP.
• Create an account on the user interface
• Create organizations/teams/projects and give access to them to other account
• Create token for the API
• Support authentication with token in the API
• Secure the dashboard to allow users to view only the data they are allowed to.
• The aggregation api must read only the data the user are allowed to
• Keep the option to share data publicly

[inimaz]

• We should create a CodeCarbon theme for the login and register pages. Keycloak allows to override them. See https://www.keycloak.org/docs/latest/server_development/#_themes
• Maybe less priority, Keycloak allows to have roles. We can have read-only users, team-admin, organisation-admin... And allow team-members to manage these roles via the API.

[SaboniAmine]

Ongoing development, which can be tracked on https://github.com/orgs/mlco2/projects/4