search

adamwiggins / 12factor

Official fork now at: https://github.com/heroku/12factor
http://12factor.net/
MIT License
409 stars 714 forks source link

Authentication #10

Closed honza closed 12 years ago

honza commented 12 years ago

Hi, this is more of a question about what you're proposing. In a situation where your application is composed of several independent services, how do you handle authentication? How can you make sure that all the components are looking at the same user session/data? I'm a Python guy: what if you have two small Django-based services and you need to make sure that they are both looking at the same User object?

Any pointers would be appreciated

adamwiggins commented 12 years ago

A central identity provider such as OAuth is the emerging best-practice here. Two apps reading the same database and sharing user model code (e.g. User) is generally a bad idea.