having external authentication provider + password not null

mam-dev / cosmo

Cosmo Calendar Server implements the server side of the CalDAV protocol.

Apache License 2.0

77 stars 45 forks source link

having external authentication provider + password not null #74

Closed f1-outsourcing closed 5 months ago

f1-outsourcing commented 5 months ago

I was wondering if it would not be better to allow the password to be set to null if one is using an external authentication provider. Would it not be more logical not to store a password?

danielgrigore commented 5 months ago

Hi @f1-outsourcing

If you use an external authentication system I would say it is best to keep both username and password outside cosmo database. That's the best way in my opinion. Cheers,

f1-outsourcing commented 5 months ago

How should the binding than be between external authentication and mariadb? There are some relationships that depend on this user table not?

danielgrigore commented 5 months ago

Strictly related to this issue, you could an UUID as password since you are not going to use it anyway instead of making the password field accepting null values.

f1-outsourcing commented 5 months ago

Yes but that would be less conventional/logical. I think the best option would be to allow the password field to stay NULL, then it is most clear the user is different, probably external auth. Now I am doing something with random passwords which is strange also.