Please use the 👍 reaction to show that you are interested into the same feature.
Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
Subscribe to receive notifications on status change and new comments.
Is your feature request related to a problem? Please describe.
Currently in Nextcloud it is only possible to protect anonymous shares using a password (or no password). For Sendent we'd like to introduce an alternative flow where the authentication on the share itself can be done by different means instead of the already available password authentication option. For example, instead of using passwords you could also authenticate using captcha's, make some SMS message flow, implement something with e-ID. These are all just examples.
Describe the solution you'd like
What I'd like to propose is to make the share creation, accessing etc. more accessible for 3rd party solutions (official Nextcloud api). The 3rd party solutions in this case would handle the entire authentication flow theirselfs and inform Nextcloud only if it succeeded (or not).
Please notice, in the image attached the discussion should not be about asking for a phonenumber or something else. It should be about the logic handeling.
What I think would work is:
Nextcloud offers an official API to integrate alternative means for authentication for anonymous shares
-- This impacts both share creation and authentication.
3rd party apps handle in it's entirety how the authentication should take place. Nextcloud server should not be aware of how it does this. May introduce new tables, connectors etc.
3rd party solution should offer some standarized specification on which UI elements are available in certain cases, if it overrides some default behavior (share expiration / removal), if there's a new API available, something extensible that it can comply with GDPR data retrieval in case you handle more sensitive data (e.g. phonenumbers in my example).
Describe alternatives you've considered
No clear alternative solution.
Additional context
In my example image I try to define overall how it could work with asking a user of a phonenumber and generating a temp code instead of a regular password. Please note that the 3rd party integration handles all logic and only offers to the Nextcloud Server basic information like UI or displaying the share contents if it receives go-ahead from 3rd party solution.
joshtrichards
commented
3 weeks ago
How to use GitHub
Is your feature request related to a problem? Please describe. Currently in Nextcloud it is only possible to protect anonymous shares using a password (or no password). For Sendent we'd like to introduce an alternative flow where the authentication on the share itself can be done by different means instead of the already available password authentication option. For example, instead of using passwords you could also authenticate using captcha's, make some SMS message flow, implement something with e-ID. These are all just examples.
Describe the solution you'd like What I'd like to propose is to make the share creation, accessing etc. more accessible for 3rd party solutions (official Nextcloud api). The 3rd party solutions in this case would handle the entire authentication flow theirselfs and inform Nextcloud only if it succeeded (or not).
Please notice, in the image attached the discussion should not be about asking for a phonenumber or something else. It should be about the logic handeling.
What I think would work is:
Describe alternatives you've considered No clear alternative solution.
Additional context In my example image I try to define overall how it could work with asking a user of a phonenumber and generating a temp code instead of a regular password. Please note that the 3rd party integration handles all logic and only offers to the Nextcloud Server basic information like UI or displaying the share contents if it receives go-ahead from 3rd party solution.