Tenant management and authentication

apache / horaedb

Apache HoraeDB (incubating) is a high-performance, distributed, cloud native time-series database.

https://horaedb.apache.org

Apache License 2.0

2.64k stars 207 forks source link

Tenant management and authentication #929

Closed chunshao90 closed 6 months ago

chunshao90 commented 1 year ago

Describe This Problem

Tenant management and authentication.

Proposal

Simple solution

[ ] config files, something like


[server.auth]
enable = true
# available values: file/ceresmeta
source = "file"

[server.auth.file] username = "admin" password = "secret-token"


#### Complex
- [ ] `ceresmeta` supports creating tenants and generating tokens.
- [ ] `ceresdb` supports identity verification.

### Additional Context

_No response_

jiacai2050 commented 1 year ago

Besides store tenants in ceresmeta, we should also support this via config files

https://github.com/CeresDB/ceresdb/issues/1016#issuecomment-1605831993

jiacai2050 commented 1 year ago

https://www.postgresql.org/docs/current/sql-createrole.html

PG will store password according to https://www.postgresql.org/docs/current/runtime-config-connection.html#GUC-PASSWORD-ENCRYPTION, and users can't get original password.

jiacai2050 commented 6 months ago

For gRPC, we can use Bearer auth

https://github.com/hyperium/tonic/blob/master/examples/src/authentication/client.rs