AngularJS, Websockets, REST APIs for mobile apps, one-time links for emails — what’s the topmost complexity all those things share in common?

It’s authentication. Authentication typically means sessions, and sessions are simply ubiquitous state for our stateless-by-design web.

What's even worse, that state requires all the parts of your webapp to share some dynamically changing knowledge about who is authorized to do what, which mobile apps are authorized to have access and so on.

JWT

JSON Web Tokens. That’s how we will be able to detach our authorization logic from everything else.

  • They’re simple to issue, to store and to check.
  • They’re URL-safe.
  • They’re cryptographically safe.
  • They’re stateless. (One can easily add some state on top of them if required.)

So my proposal is simple. Let’s implement the JWT-issuing server with a RESTful API (I already have a prototype, it’s called AuthStralia). Add some management tool on top of that (should probably be called AuthRica). And then go absolutely wild implementing JWT-validating plugins for all the possible frameworks and environments we will be able to think of. (The only appropriate name I’ve managed to invent here so far is AuthEns, so bring your atlas with you, if possible.)

And yes, the AuthStralia prototype is written in Elixir. So if pure functional homoiconic languages with purely hygienic macro systems are your kind of poison — you’re welcome to join just for that reason.

Looking for hackers with the skills:

rest functionalprogramming api authentication web elixir-lang

This project is part of:

Hack Week 11

Activity

  • about 10 years ago: kpimenov started this project.
  • about 10 years ago: kpimenov originated this project.

  • Comments

    • kpimenov
      about 10 years ago by kpimenov

      First take on the API server: https://github.com/kirushik/auth_stralia

    • kpimenov
      about 10 years ago by kpimenov

      And as a result of the Hackweek 11 I'm proud to present AuthStralia v0.0.2 — completely working API, some messy code, whole lots of places for future improvement and features!

      https://github.com/kirushik/auth_stralia/releases/tag/0.0.2
