Open UdaySagar-Git opened 2 months ago
@rithviknishad can you please assign this to me !
This may be an opt-in feature. To be disabled by default and would be disabled for this org's deployment too.
How would you validate a user is allowed to access the deployment?
How would you validate a user is allowed to access the deployment?
Let's say an organization A that has private repositories and their leaderboard is set to include those information, how would you validate if a person is from org. A?
That might be a bit tricky!
I have one suggestion,
Instead of implementing register/login
functionality, let's consider adding a toggle
on the homepage to switch between private
and public
repositories. When a visitor toggles to view private repositories, we'll then validate whether the visitor is allowed access.
It is less complicated i guess.
@rithviknishad , can we have a separate endpoint that is only accessible to the owner? The owner's email will be placed in the env , and the user with that email can access a route where the owner can add users' emails to allow them access to the website. I think we can somehow have write access permissions for the data repository directly using GitHub's new fine-grained PAT and update the data repository using Octokit.
, Also, we can directly update a specific file, such as allowedUsers
, from the web using Octokit.
@dgparmar14 we need authentication to verify the users who will have access to private repositories, right? The problem here is how we're going to allow which users will have access to private repositories Let me know if you have any ideas on how this can be achieved