slotlist / slotlist-backend

Backend of slotlist.info, an ArmA 3 mission planning and slotlist management tool
https://slotlist.info
MIT License
14 stars 6 forks source link

Custom OAuth provider #102

Open Jarvvski opened 6 years ago

Jarvvski commented 6 years ago

Hey @MorpheusXAUT, I stumbled across this and think it's a great idea!

I see you have Steam Sign in, which uses OAuth. Have you looked into the idea of being able to set at a server level (.env's or w/e) a custom provider instead?

For https://7cav.us we have our own OAuth server, to provide login for any of our services. Would prefer to use that over using steam.

I haven't even pulled your stuff yet, but I'd like to look at this as a thing for the future.

Thoughts?

MorpheusXAUT commented 6 years ago

Hi @Jarvvski,

there has been no plans to integrate external OAuth providers so far - the whole login was built around using Steam SSO (since every ArmA3 player must have a Steam account anyways). That said, with some work, the authentication flow could probably be adapted to support "third-party" OAuth providers as well (given they play along nicely with the library used, although I guess that'd be the case for every OpenID standard compliant provider. The only issue would be that I use the Steam API to retrieve an initially set nickname for the user, which would obviously not work with a custom OAuth provider and would probably require a greater rework/abstraction to work with generic APIs...

Do I assume correctly you're talking about running your own instance of the backend/frontend afterwards, or did you think about integrating your authentication service for the "main" slotlist.info service?

Happy to discuss this in more details (e.g. via Discord) and see about potential way to extend the platform!

Jarvvski commented 6 years ago

Sure thing. Will reach out on discord, but for those interested this is regarding the plan to open up self-hosted versions of the application to support own OAuth providers