notes from auth research

author: Bryan Newbold <bnewbold@robocracy.org> 2018-06-30 16:15:29 -0700
committer: Bryan Newbold <bnewbold@robocracy.org> 2018-06-30 16:15:29 -0700
commit: 47adef5e75e06407b6692a64d7d67de620156c70 (patch)
tree: 5a48b34411571af154c320c97da4bcffce84187b /notes
parent: fd79a4d89ff1da25160bd7ab7ae1758ca59bd3f0 (diff)
download: fatcat-47adef5e75e06407b6692a64d7d67de620156c70.tar.gz
fatcat-47adef5e75e06407b6692a64d7d67de620156c70.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/notes/auth_thoughts.txt b/notes/auth_thoughts.txt
new file mode 100644
index 00000000..3ccaf668
--- /dev/null
+++ b/notes/auth_thoughts.txt
@@ -0,0 +1,12 @@
+
+For users: use openid connect (oauth2) to sign up and login to web app. From
+web app, can create (and disable?) API tokens
+
+For impl: fatcat-web has private key to create tokens. tokens used both in
+cookies and as API keys. tokens are macaroons (?). fatcatd only verifies
+tokens. optionally, some redis or other fast shared store to verify that tokens
+haven't been revoked.
+
+Could use portier with openid connect as an email-based option. Otherwise,
+orcid, github, google.
+
author	Bryan Newbold <bnewbold@robocracy.org>	2018-06-30 16:15:29 -0700
committer	Bryan Newbold <bnewbold@robocracy.org>	2018-06-30 16:15:29 -0700
commit	47adef5e75e06407b6692a64d7d67de620156c70 (patch)
tree	5a48b34411571af154c320c97da4bcffce84187b /notes
parent	fd79a4d89ff1da25160bd7ab7ae1758ca59bd3f0 (diff)
download	fatcat-47adef5e75e06407b6692a64d7d67de620156c70.tar.gz fatcat-47adef5e75e06407b6692a64d7d67de620156c70.zip