rit-sse / hubot

Our slack hubot

Hubot Auth annoys me #12

Open kristenmills opened 8 years ago

kristenmills commented 8 years ago

I don't like the commands. Also we might want to have auth determined by the SSE API.

djrenren commented 8 years ago

do we have auth commands? cuz we shouldn't... as for auth determined by the SSE API... I'd keep slack only concepts in hubot and SSE-level concepts there

kristenmills commented 8 years ago

It's currently not determined by the API. The only commands that are protected by auth are enable and disable. Go read my pull request if you want to know more... I don't want to type it on my phone #3

craigcabrey commented 8 years ago

I have the concepts of roles in the API now. That with the new /auth/token endpoint might be interesting to you, especially since I encode the Member object in the JWT itself.

However, if the user hasn't linked their slack account, the API won't be able to find a Member. Should the API return a not found message, hubot should probably notify the user that they should connect their account. I'll be implementing GitHub and Slack "connecting" functionality. That way we'll also be able to automate adding a new member to the GitHub organization, for example.

craigcabrey commented 8 years ago

Example payload:

{
  "level": 100,
  "member": {
    "id": "1",
    "first_name": "John",
    "last_name": "Doe",
    "email": "jxd1234@g.rit.edu",
    "created_at": "2015-08-01 01:54:41",
    "updated_at": "2015-08-01 01:54:41",
    "memberships_url": "http://localhost:8000/api/v1/memberships?member=1",
    "profiles": {
      "slack": "U1234567890"
    },
    "url": "http://localhost:8000/api/v1/members/1",
    "roles": [
      {
        "id": "1",
        "name": "admin",
        "display_name": "Administrator",
        "description": "Member is an administrator",
        "created_at": "2015-08-01 01:54:41",
        "updated_at": "2015-08-01 01:54:41",
        "pivot": {
          "member_id": "1",
          "role_id": "1"
        }
      }
    ]
  },
  "sub": "1",
  "iss": "http://localhost:8000/api/v1/auth/token",
  "iat": "1438401417",
  "exp": "1438405017",
  "nbf": "1438401417",
  "jti": "cb0c05eb995eac5cd0ee797284833a38"
}
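An added example (not code from this thread or from the rit-sse projects) of how a hubot command such as enable or disable could be authorized from a token carrying the payload above. It assumes HS256 signing with a shared secret, which the thread does not state; `signToken`, `verifyToken`, `authorize` and `SAMPLE` are hypothetical names.

```javascript
// Added example. Assumption (not from the thread): the API signs tokens with
// HS256 and a shared secret. All function names here are hypothetical.
const crypto = require('node:crypto');
const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Constructed sample, trimmed from the example payload in the thread.
const SAMPLE = { member: { profiles: { slack: 'U1234567890' }, roles: [{ name: 'admin' }] },
  exp: '1438405017', nbf: '1438401417' };

// Helper for the example only: builds a token the way the API is assumed to.
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Returns the payload, or throws if the signature or time claims are invalid.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  // Pin the algorithm; never let the token header choose it.
  if (JSON.parse(Buffer.from(head, 'base64url').toString()).alg !== 'HS256') {
    throw new Error('unexpected alg');
  }
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const payload = JSON.parse(Buffer.from(body, 'base64url').toString());
  // The example payload carries exp/nbf as strings, so coerce before comparing.
  const exp = Number(payload.exp), nbf = Number(payload.nbf);
  if (!Number.isFinite(exp) || now >= exp) throw new Error('expired');
  if (Number.isFinite(nbf) && now < nbf) throw new Error('not yet valid');
  return payload;
}

// Decide whether the Slack user who typed the command holds requiredRole.
function authorize(token, secret, slackUserId, requiredRole, now) {
  let payload;
  try { payload = verifyToken(token, secret, now); } catch (e) { return { ok: false, reason: e.message }; }
  const member = payload.member || {};
  // Bind the token to the requesting Slack account, not just to any member.
  if (!member.profiles || member.profiles.slack !== slackUserId) return { ok: false, reason: 'slack account not linked' };
  const roles = (member.roles || []).map((r) => r.name);
  return roles.includes(requiredRole) ? { ok: true } : { ok: false, reason: 'missing role' };
}
```

The `slack account not linked` result is the case where hubot would tell the user to connect their account, as suggested in the comment above.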