Open GunniBusch opened 1 month ago
The built-in auth is complicated. Some authentication information needs to be stored within the system, and persistence needs to be considered
Shouldn't Glance be viewed as an all-around system; as an adhesive between multiple systems, it is more in line with the business positioning?
If it should be used as an adhesive, can an interface be defined to connect to an existing authentication service in the form of an interface to achieve auth
Such as
type AuthConfig struct {
// RedirectURL is the URL to redirect the user to when they need to log in.
LoginRedirectURL string
// IsAuthenticatedURL is the URL to check if the user is authenticated.
IsAuthenticatedURL string
}
type Auth interface {
// IsAuthenticated returns true if the user is authenticated.
IsAuthenticated(macAddress string) (bool, error)
// JumpToLogin redirects the user to the login page.
JumpToLogin(macAddress string) error
}
I am not sure if glance needs auth tbh, as most of the information is public anyway. You could argue that the collection of the given information in one pot makes it kinda data sensitive. But thats up to the maintainers.
Anyways, in the meantime you can use this to get oauth up and running without glance implementing auth: https://github.com/oauth2-proxy/oauth2-proxy
A BasicAuth option should be enough right? At least, a first initial option. I'm not familiar with go. So I can't help here.
Hi, would it be possible to add some kind of auth like email/password and or oauth? Then we could host this also at a remote location.