Open zachbf opened 2 years ago
This doesn't look to be a good idea, I tried today to implement it and I stumbled upon several issues mainly because the project uses Lumen which is stripped-down version of Laravel which is made for APIs rather than websites so it doesn't support sessions and user management out-of-the-box.
I also find this alert on the Laravel/Lumen website (https://lumen.laravel.com/docs/9.x/installation) :
Note: In the years since releasing Lumen, PHP has made a variety of wonderful performance improvements. For this reason, along with the availability of Laravel Octane, we no longer recommend that you begin new projects with Lumen. Instead, we recommend always beginning new projects with Laravel.
and discovered we are on version 8 of Lumen.
So I think we need to take a decision here: 1- Move everything to something more supported (e.g. Laravel if we want to reuse the code) 2- Scrap the application and start fresh using a VATSIM standard language (e.g. Python) 3- Keep the application (even if it will be very hard to maintain) and create a web interface somewhere (myVatsim?) to create the keys
Let me know your thoughts.
Tech people are probably against this, but it sounds like the best idea to add key management to my.vatsim.net under the admin area for Subdivision Directors. We already have assigned permissions for all Subdivision Directors, meaning we would not have to maintain permissions on yet another system when staff change.
Hi all,
@nharasym commented here https://discord.com/channels/775552633918062643/998691178591551513/1029925513831125033 that they are moving to Nginx Unit and by looking at discussions on the Discord server I understand the overall direction is to move away from PHP. I would actually like to build this in the tech stack which we will give the least possible tech debt so we can somehow "fire & forget"
Another suggestion if I were to rewrite would be to use TS with Express or Fastify I could contribute in this part
VATSIM SSO should be added so that authenticated users can request a new API key.