summaryrefslogtreecommitdiffstats
path: root/notes
diff options
context:
space:
mode:
authorBryan Newbold <bnewbold@robocracy.org>2019-01-07 17:44:36 -0800
committerBryan Newbold <bnewbold@robocracy.org>2019-01-07 17:44:36 -0800
commit5e138c0cf74c68cbf0892437d9081f4132236ef4 (patch)
treeac4eafb78d75e3eddc56f3f69aa6794772ff7be6 /notes
parent5d5a5648cb480e05c4253c954c71094c7251b65a (diff)
downloadfatcat-5e138c0cf74c68cbf0892437d9081f4132236ef4.tar.gz
fatcat-5e138c0cf74c68cbf0892437d9081f4132236ef4.zip
more auth notes
Diffstat (limited to 'notes')
-rw-r--r--notes/auth.md10
1 files changed, 10 insertions, 0 deletions
diff --git a/notes/auth.md b/notes/auth.md
index 1918dc82..b73ce343 100644
--- a/notes/auth.md
+++ b/notes/auth.md
@@ -201,6 +201,16 @@ Looked at a few other options for managing use accounts:
public infrastructure.
- having webface generate macaroons itself
+Will probably eventually need to support multiple logins per editor account.
+Shouldn't be too hard, but will require additional API endpoints (POST with
+`editor_id` included, DELETE to remove, etc).
+
+On mobile folks might not be signed in to as many accounts, or it might be
+annoying to enter long/secure passwords (eg, to login to github). Could get
+around this with "login via token via QR code" with long/unlimited expiry.
+Might make more sense to support google OIDC as my guess is that many (most?)
+people have a google account logged in on their phone.
+
## Implementation Notes
To start, using the `loginpass` python library to handle logins, which is built