Open avirshup opened 7 years ago
I did a spike on the capabilities of the Forge platform and how it can be used for this project. Brief results are here, and Drew and Flo and I plan to meet next week to discuss next steps.
I created an example project to experiment with Forge auth. I was able to easily use Forge as an oauth2 provider (similar to a "sign in with Google/Facebook" sort of thing). It worked fine, gave my app the user data we would need (email address), and was able to work side-by-side with a standard email/password login.
I modified the example project and made some command line http requests to test out Forge's ability to store and manage user data and files.
The ability to upload/download files at an app level, almost identically to how S3 works, was fine and simple to get working. The files were not associated with individual users or any sort of permission system, just accessible by the app backend itself.
The api only supports saving files, so any data storage would consist of uploading and downloading json files. This is unreasonable for all but the most static and unqueryable data.
The API also provides some functionality for storing and grouping files in a hierarchy based on hubs, projects, and folders. It doesn't seem to support creation and management of advanced user grouping and permissions, and seems to be directed towards storing design files for a few Autodesk products (like Fusion360, etc).
The only thing I could see of interest to store using these features would be input/output files created during the run of a workflow. This would probably be possible, and we could associate the files with the user than ran them. However, the user management in Forge doesn't seem like it's at all capable of replacing a user management system in MST's own database. Maybe if there is something else we can take advantage of, like billing users for using storage via Forge, then that would be a reason to do this.
Right now my recommendation would be a database-driven backend for MST that handles user auth and grouping/permissions, with Forge as an alternative login method since that was so easy to get working. If we want to upload files to Forge instead of S3 just for the sake of using Forge, then that shouldn't be too hard either. If we want to seriously consider doing anything more serious than that via Forge then we should get someone from the Forge team to sit down with us and go over our options.
Drew, Flo, and I will meet when Flo is back next week and go over next steps.
Create initial infrastructure plan for user accounts, with input from @cojofra, @dionjwa, @PeterRJones, @MalteTinnus and @dhylbert as needed