AngularJS, Websockets, REST APIs for mobile apps, one-time links for emails — what’s the topmost complexity all those things share in common?
It’s authentication. Authentication typically means sessions, and sessions are simply ubiquitous state for our stateless-by-design web.
What's even worse, that state requires all the parts of your webapp to share some dynamically-changing knowledge concerning who is authorized to do what, which mobile apps were authorized to have an access and so on.
JWT
Json Web Tokens. That’s how we will be able to detach our authorization logic from everything else.
- They’re simple, both to issue, to store and to check.
- They’re URL-safe.
- They’re cryptographically safe.
- They’re stateless. (One can easily add some state on top of them if required.)
So my proposal is simple. Let’s implement the JWT-issuing server with RESTful API (I’ve already have a prototype, it’s called AuthStralia). Add some management tool on top of that (should be probably called AuthRica). And then go absolutely wild implementing JWT-validating plugins for all the possible frameworks and environments we will be able to think of. (The only appropriate name I’ve managed to invent here so far is AuthEns, so bring your atlas with you, if possible.)
And yes, AuthStralia prototype is written in Elixir lang. So if pure functional homoiconic languages with purely hygienic macro sistems are your kind of poison — you’re welcome to join just for that reason.
Looking for hackers with the skills:
rest functionalprogramming api authentication web elixir-lang
This project is part of:
Hack Week 11
Activity
Comments
Similar Projects
HTTP API for nftables by crameleon
Background
The idea originated in https://progress.opensuse.org/issues/164060 and is about building RESTful API which translates authorized HTTP requests to operations in nftables, possibly utilizing libnftables-json(5).
Originally, I started developing such an interface in Go, utilizing https://github.com/google/nftables. The conversion of string networks to nftables set elements was problematic (unfortunately no record of details), and I started a second attempt in Python, which made interaction much simpler thanks to native nftables Python bindings.
Goals
- Find and track the issue with google/nftables
- Revisit and polish the Python code, primarily the server component
- Finish functionality to interact with nftables sets (retrieving and updating elements), which are of interest for the originating issue
- Align test suite
- Packaging
Resources
- https://git.netfilter.org/nftables/tree/py/src/nftables.py
- https://git.com.de/Georg/nftables-http-api (to be moved to GitHub)
- https://build.opensuse.org/package/show/home:crameleon:containers/pytest-nftables-container
HTTP API for nftables by crameleon
Background
The idea originated in https://progress.opensuse.org/issues/164060 and is about building RESTful API which translates authorized HTTP requests to operations in nftables, possibly utilizing libnftables-json(5).
Originally, I started developing such an interface in Go, utilizing https://github.com/google/nftables. The conversion of string networks to nftables set elements was problematic (unfortunately no record of details), and I started a second attempt in Python, which made interaction much simpler thanks to native nftables Python bindings.
Goals
- Find and track the issue with google/nftables
- Revisit and polish the Python code, primarily the server component
- Finish functionality to interact with nftables sets (retrieving and updating elements), which are of interest for the originating issue
- Align test suite
- Packaging
Resources
- https://git.netfilter.org/nftables/tree/py/src/nftables.py
- https://git.com.de/Georg/nftables-http-api (to be moved to GitHub)
- https://build.opensuse.org/package/show/home:crameleon:containers/pytest-nftables-container