At the moment there's just one user. I've got one password that is set in an environment variable.
I'd like to open it up to multiple users so I can get my friends to test out the app.
To do that, we'd need to:
add a users table. add views for signing up, admin approving new users. It hashes the passwords etc.
adjust autentication so that instead of typing in the app password, you type in your own password, it checks it against the hash
use Redis for storing session keys? I don't know much about that.
change the Nginx security strategy - at the moment I'm adding the add password on as a URL search param. Maybe each user has a special token that is added on? Probably won't be able to continue using Nginx to serve static files - will probably need to use an Astro endpoint instead (so that we can check the token and reject if it's incorrect).
change the database structure so that every article belongs to a user, extraction rules belong to user...
will need to think about this when we're adding multiple feeds functionality (see #15)
maybe set up user limits for how much TTS a user can use? E.g. cut off after $3 or something like that.
At the moment there's just one user. I've got one password that is set in an environment variable.
I'd like to open it up to multiple users so I can get my friends to test out the app.
To do that, we'd need to: