Authentication by third parties on registration & login

networkimprov / mnm

mnm implements TMTP protocol. Let Internet sites message members directly, instead of unreliable, insecure email. Contributors welcome! (Server)

https://mnmnotmail.org

Mozilla Public License 2.0

227 stars 10 forks source link

Authentication by third parties on registration & login #9

Open networkimprov opened 3 years ago

networkimprov commented 3 years ago

A publicly accessible mnm site needs ways to identify & authenticate people registering new accounts. Possibilities include:

HumanID https://human-id.org
Twitter (etc) verified accounts
Designated OpenID Connect providers

A private mnm site needs ways to limit registrations & (often) logins to specific people or groups. Possibilities:

LDAP
Kerberos

A mnm site shall be able to require authentication on registration & login, or only registration. Private sites would typically require both; public sites would not (as that means a third-party action can deny someone access to email).

networkimprov commented 3 years ago

The initial OpenID Connect implementation is in 4aa2b88a.

See docs under https://github.com/networkimprov/mnm#configuration.

ghost commented 1 year ago

Hi networkimprov.

A mnm site shall be able to require authentication on registration & login, or only registration. Private sites would typically require both; public sites would not (as that means a third-party action can deny someone access to email).

Would it be possible to use oauth for authentication in tmtp?

networkimprov commented 1 year ago

Please see commit mentioned above re OpenID Connect, which is oauth2 based.

ghost commented 1 year ago

Hi networkimprov.

Please see commit mentioned above re OpenID Connect, which is oauth2 based.

thank you for feedback here.