Closed rgwozdz closed 6 years ago
One higher-level question in response to the "registration" suggestion:
const auth = require('koop-auth-direct')({options})
koop.register(auth)
=> registered auth plugin for all providers
Do we want to have auth-plugin automatically applied to all registered providers? Or do we want a more explicit registration that looks for a property on the Provider? (e.g. auth: true
).
Another higher level question. Do we want to allow different identity-management approaches across providers? For example, say you have a koop instance with two providers, and you want to have different sets of users authorized for each provider. If we allow auth to be implemented differently across providers (e.g. different validateCredentials
function per provider) we could support this use-case.
@dmfenton - refactor as per discussion earlier today. 8718c2f
Create an authentication module that:
authenticationSpecification
,authenticate
, andvalidateToken
.