Authentication

[jmutchek]

We should be able to implement a fairly simple cookie-based auth mechanism for the index page:

1. if index page loads without cookie, redirect to login page
2. login page posts to api for authN, if user has never logged in before, create the user and store a hash of the new password?
3. success redirects to index page with cookie in payload

Not sure how we want the ux of the bookmarklet if used without a pre-existing cookie? Simplest would be the drop down panel popping up a new window with the login page I guess.

This one feels like it requires a little more coordination that most of the work so far.

[martylamb]

authentication is easy to add (there are plugins already for the framework we are using) and they pretty much work as you describe.

this raises the user management question though: user creation/removal, changing and resetting passwords, concept of an "admin" user... i think this is where we need to define our goals.

[martylamb]

No longer in a plugin as of https://github.com/martylamb/bookmartian/commit/c383ad683d252976f2c3f3a3eeea0149e71b01b8 (just moved into main project)