Would let lan-specific services/apps authenticate against our userbase. Following things are needed:
OpenID portal
Rewrite Session to check for a GET-parameter called apiToken et al, and use this in place of the cookie PHPSESSIONID if found when called from a json api function. (And limit permissions based on that)
Investigate norwegian privacy law concerning information given to the third party the user is authenticating to with their user account at infected.no
Not that much work, but would allow some cool uses.
Would let lan-specific services/apps authenticate against our userbase. Following things are needed:
apiToken
et al, and use this in place of the cookie PHPSESSIONID if found when called from a json api function. (And limit permissions based on that)Not that much work, but would allow some cool uses.