Implement OpenID

[petterroea]

Would let lan-specific services/apps authenticate against our userbase. Following things are needed:

• OpenID portal
• Rewrite Session to check for a GET-parameter called apiToken et al, and use this in place of the cookie PHPSESSIONID if found when called from a json api function. (And limit permissions based on that)
• Investigate norwegian privacy law concerning information given to the third party the user is authenticating to with their user account at infected.no

Not that much work, but would allow some cool uses.

[halvors]

Would this be compatible with our external apps using the database as authentication. Like crew WIFI etc?

[petterroea]

yes

[halvors]

+1