diff options
author | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-07 17:44:36 -0800 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-07 17:44:36 -0800 |
commit | 5e138c0cf74c68cbf0892437d9081f4132236ef4 (patch) | |
tree | ac4eafb78d75e3eddc56f3f69aa6794772ff7be6 /notes | |
parent | 5d5a5648cb480e05c4253c954c71094c7251b65a (diff) | |
download | fatcat-5e138c0cf74c68cbf0892437d9081f4132236ef4.tar.gz fatcat-5e138c0cf74c68cbf0892437d9081f4132236ef4.zip |
more auth notes
Diffstat (limited to 'notes')
-rw-r--r-- | notes/auth.md | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/notes/auth.md b/notes/auth.md index 1918dc82..b73ce343 100644 --- a/notes/auth.md +++ b/notes/auth.md @@ -201,6 +201,16 @@ Looked at a few other options for managing use accounts: public infrastructure. - having webface generate macaroons itself +Will probably eventually need to support multiple logins per editor account. +Shouldn't be too hard, but will require additional API endpoints (POST with +`editor_id` included, DELETE to remove, etc). + +On mobile folks might not be signed in to as many accounts, or it might be +annoying to enter long/secure passwords (eg, to login to github). Could get +around this with "login via token via QR code" with long/unlimited expiry. +Might make more sense to support google OIDC as my guess is that many (most?) +people have a google account logged in on their phone. + ## Implementation Notes To start, using the `loginpass` python library to handle logins, which is built |