batpad
commented
1 year ago From chat:
Ory has released a “cloud offering” https://www.ory.sh/, this could help us solve the hydra hosting solution. - @kamicut
Open batpad opened 1 year ago
batpad
commented
1 year ago From chat:
Ory has released a “cloud offering” https://www.ory.sh/, this could help us solve the hydra hosting solution. - @kamicut
kamicut
commented
1 year ago We've currently done this by running the osm-teams repository auth-v1 branch as a a separate application. We've also created some tentative work in https://github.com/developmentseed/osm-teams-auth that could replace the auth-v1 branch.
Relates to #206
Based on conversation with @kamicut (@kamicut please feel free to correct things I might have gotten wrong) -
Currently, OSM Hydra, that handles OAuth for the
osm-teamsapplication, runs as a separate docker container, but needs to be run on the same machine / infrastructure as theosm-teamsNextJS application. This has a few disadvantages:docker-composeand that means one can't use Vercel or other NextJS specific hosting platforms.osm-teamsweb applicaton and the OSM Hydra auth service seems like sensible, flexible architecture going forward.How I roughly understand what needs to be done (@kamicut you will need to fill in specifics of the way forward in more detail / where more investigation needs to happen):
osm-teamscontainer / application should accept environment variables to define the IP / port of the OSM Hydra service - if possible, allow passing of env vars to a generic auth service like Auth0.This does seem like there's a few unknowns here that would be good to lockdown.
@kamicut @vgeorge - am going to put this into the Refactor milestone for now, but, I think this should not change the setup of the core app very much, and we could perhaps move to take on later, but let's discuss.