lulzapps / kekbo-server


Authentication Modules #1

Open zethon opened 1 month ago

zethon commented 1 month ago

One of the several ideas of Kekbo is to allow admins to use a "Bring Your Own" authentication mechanism. For example, admins may be running a message board, so there could be different authentication mechanisms that use the message board's database to authenticate users. Another might be a simple website that allows people to sign up and has a custom database, so that admin could in theory write their own.

This involves multiple steps:

zethon commented 1 month ago

Sessionization is something that needs to be configured. Clients can request a login token from /login token passing in the username and the password encrypted using Argon2.

For Python we have:

```js
// BLAKE2b digest of a message, hex-encoded (blakejs package)
const blake = require('blakejs');
const hash = blake.blake2bHex("Your message");
console.log(hash);
```

And for Javascript:

```sh
npm install argon2-browser
```

```js
const argon2 = require('argon2-browser');

const password = 'your-password';
const salt = crypto.getRandomValues(new Uint8Array(16)); // Generate a random salt

argon2.hash({
  pass: password,
  salt: salt,
  type: argon2.ArgonType.Argon2id, // Argon2id is recommended for most uses
  time: 3,  // Iteration count
  mem: 4096,  // Memory usage in KiB
  hashLen: 32,  // Desired length of the hash
}).then(hash => {
  console.log('Hash:', hash.encoded);
}).catch(err => {
  console.error('Error:', err);
});
```
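
A sketch of the flow discussed in this thread, added here as an example and not taken from kekbo-server: a pluggable authentication module sits behind a login function that issues a signed, expiring token. All names (`memoryAuthModule`, `login`, `verifyToken`, the 15-minute lifetime) are assumptions, and scrypt stands in for Argon2 because Node's standard library does not ship Argon2.

```javascript
// Added example; every name here is hypothetical, none is kekbo-server code.
const { createHmac, randomBytes, scryptSync, timingSafeEqual } = require('node:crypto');

const TOKEN_KEY = randomBytes(32);     // server-side signing key (per process here)
const TOKEN_TTL_MS = 15 * 60 * 1000;   // assumed session lifetime

// A "bring your own" module only has to answer: are these credentials valid?
// This sample keeps users in memory; a forum-backed module would query its
// own database instead. scrypt is a stand-in for Argon2 (see lead-in).
function memoryAuthModule(users) {
  const table = new Map();
  for (const [name, password] of Object.entries(users)) {
    const salt = randomBytes(16);
    table.set(name, { salt, hash: scryptSync(password, salt, 32) });
  }
  // Unknown users are checked against a dummy record so both paths cost the same.
  const dummy = { salt: randomBytes(16), hash: Buffer.alloc(32) };
  return {
    authenticate(name, password) {
      const rec = table.get(name) ?? dummy;
      const ok = timingSafeEqual(scryptSync(String(password), rec.salt, 32), rec.hash);
      return table.has(name) && ok;
    },
  };
}

const sign = (body) => createHmac('sha256', TOKEN_KEY).update(body).digest('base64url');

// What a /login handler would do once the request has been parsed.
function login(authModule, name, password, now = Date.now()) {
  if (!authModule.authenticate(name, password)) return null;
  const claims = JSON.stringify({ sub: name, exp: now + TOKEN_TTL_MS });
  const body = Buffer.from(claims).toString('base64url');
  return `${body}.${sign(body)}`;
}

// Returns the username for a valid, unexpired token, otherwise null.
function verifyToken(token, now = Date.now()) {
  const [body, mac] = String(token).split('.');
  if (!body || !mac) return null;
  const expected = Buffer.from(sign(body));
  const given = Buffer.from(mac);
  // Check the MAC before parsing anything the client controls.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  return claims.exp > now ? claims.sub : null;
}
```

Swapping the authentication backend means passing a different object with an `authenticate` method to `login`; token issuance and verification stay unchanged.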