AuthStralia — (almost) stateless authorization ecosystem for a web age
an invention by kpimenov
Updated over 3 years ago. 4 hacker ♥️.

AngularJS, Websockets, REST APIs for mobile apps, one-time links for emails — what’s the topmost complexity all those things share in common?

It’s authentication. Authentication typically means sessions, and sessions are simply ubiquitous state for our stateless-by-design web.

What's even worse, that state requires all the parts of your webapp to share some dynamically-changing knowledge concerning who is authorized to do what, which mobile apps were authorized to have an access and so on.

JWT

Json Web Tokens. That’s how we will be able to detach our authorization logic from everything else.

  • They’re simple, both to issue, to store and to check.
  • They’re URL-safe.
  • They’re cryptographically safe.
  • They’re stateless. (One can easily add some state on top of them if required.)

So my proposal is simple. Let’s implement the JWT-issuing server with RESTful API (I’ve already have a prototype, it’s called AuthStralia). Add some management tool on top of that (should be probably called AuthRica). And then go absolutely wild implementing JWT-validating plugins for all the possible frameworks and environments we will be able to think of. (The only appropriate name I’ve managed to invent here so far is AuthEns, so bring your atlas with you, if possible.)

And yes, AuthStralia prototype is written in Elixir lang. So if pure functional homoiconic languages with purely hygienic macro sistems are your kind of poison — you’re welcome to join just for that reason.

Looking for hackers with the skills:

rest functionalprogramming api authentication web elixir-lang

This project is part of:

Hack Week 11

Activity

  • about 6 years ago: mvidner liked this project.
  • about 8 years ago: hennevogel liked this project.
  • about 8 years ago: sndirsch liked this project.
  • about 8 years ago: kpimenov liked this project.
  • about 8 years ago: kpimenov added keyword "rest" to this project.
  • about 8 years ago: kpimenov added keyword "functionalprogramming" to this project.
  • about 8 years ago: kpimenov added keyword "api" to this project.
  • about 8 years ago: kpimenov added keyword "authentication" to this project.
  • about 8 years ago: kpimenov added keyword "web" to this project.
  • about 8 years ago: kpimenov added keyword "elixir-lang" to this project.
  • about 8 years ago: kpimenov started this project.
  • about 8 years ago: kpimenov originated this project.


    • Comments

    • kpimenov
      about 8 years ago by kpimenov | Reply

      First take on the API server: https://github.com/kirushik/auth_stralia

    • kpimenov
      about 8 years ago by kpimenov | Reply

      And as a result of the Hackweek 11 I'm proud to present AuthStralia v0.0.2 — completely working API, some messy code, whole lots of places for future improvement and features!

      https://github.com/kirushik/auth_stralia/releases/tag/0.0.2

    Similar Projects

    A React-based alternative to our beloved bug/issue tracker finglonger by avshiliaev

    [comment]: # (Please use the project descriptio...

    Kanidm - Modern Opensource Identity Management by firstyear

    Project Description

    Kanidm is a identity ma...

    Adopt Typescript in D-Installer by IGonzalezSosa

    Project Description

    In January, we announ...

    WebRTC individual track recorder by avicenzi

    [comment]: # (Please use the project descriptio...

    Setup A Linux Cross Referencer for SUSE kernels by tdz

    Project Description

    There's [Elixir](http...

    Loggee - A tool to interact with your board game collection and plays (made in Elixir) by gfilippetti

    [comment]: # (Please use the project descriptio...

    Commanded EventStoreDB Spear (GRPC) adapter by fabriziosestito

    Project Description

    The Commanded Elixir ...