git4school / git4school-visu

Git4School, a dashboard for supporting teacher interventions in Software Engineering courses
https://git4school.firebaseapp.com/
Apache License 2.0
2 stars 3 forks source link

Find out how to authenticate to Gitlab with the REST API #113

Closed F0urchette closed 3 years ago

F0urchette commented 3 years ago

Description

We need to see how to connect with a Gitlab account without using firebase (which is not available for this forge). To do so, we will have to use the REST API

Hints

F0urchette commented 3 years ago

Here are the observations that led me to the conclusion that personal access tokens should be used for authentication :

Finally, the question of the user session comes up. It seems to be a problem to ask the user to enter the personal access token for each connection. It would be necessary to be able to store it somewhere (_on a secured place, therefore a server) to keep the user session alive.

F0urchette commented 3 years ago

So the decision is to store the token in the local storage. Here are the sources :

What are the options to store the token ?

Why local storage is unsafe ?

Why it's ok to use local storage even if it's unsafe ?

F0urchette commented 3 years ago

Here is the beginning of an open-source alternative to Firebase, especially with the cloud functions that is in progress : https://supabase.io/