Open signekb opened 5 months ago
@philter87 Do you have any thoughts on what is needed login-wise for this project? Like where/how it should be done? Would it be helpful - or necessary maybe? - to create a separate repo for a login module?
Initially, I would prefer the login to be part of sprout. We can do the login functionality in a separate app, so we can easily move it to another repository if we need to in the future.
Other considerations or comments:
We should probably also make a decision on whether or not people will need to be online in order for the login to work...
@philter87 agree about keeping it in sprout for now, especially since the other apps might work a bit differently.
Just to agree that it would probably be worth it to make the design docs reflect this plan. Because on a first read there can sometimes be a bit of confusion telling apart concrete plans and potential options.
E.g. Building block view references remote and local auth servers, Cross-cutting concepts says 2FA and OAuth will be central to the framework, and Risks seems to recommend OAuth or JWT ?over? what's provided by Django.
It would be helpful for creating user flow diagrams and wireframes for the log in flow, if you could write a post on the thoughts so far for how users will log in. @K-Beicher I have assigned Luke for now, but please chime in with your thoughts as well ☺ Maybe @lwjohnst86 will write his thoughts down and then the post will be passed on to you? And, subsequently, the rest of us?
I, @signekb, will attempt to flesh out the user flow diagrams for logging in after this issue.
Then, @henrik-goul can use that for creating the wireframes for logging in.