AngularJS, Websockets, REST APIs for mobile apps, one-time links for emails — what’s the topmost complexity all those things share in common?
It’s authentication. Authentication typically means sessions, and sessions are simply ubiquitous state for our stateless-by-design web.
What's even worse, that state requires all the parts of your webapp to share some dynamically-changing knowledge concerning who is authorized to do what, which mobile apps were authorized to have an access and so on.
JWT
Json Web Tokens. That’s how we will be able to detach our authorization logic from everything else.
- They’re simple, both to issue, to store and to check.
- They’re URL-safe.
- They’re cryptographically safe.
- They’re stateless. (One can easily add some state on top of them if required.)
So my proposal is simple. Let’s implement the JWT-issuing server with RESTful API (I’ve already have a prototype, it’s called AuthStralia). Add some management tool on top of that (should be probably called AuthRica). And then go absolutely wild implementing JWT-validating plugins for all the possible frameworks and environments we will be able to think of. (The only appropriate name I’ve managed to invent here so far is AuthEns, so bring your atlas with you, if possible.)
And yes, AuthStralia prototype is written in Elixir lang. So if pure functional homoiconic languages with purely hygienic macro sistems are your kind of poison — you’re welcome to join just for that reason.
Looking for hackers with the skills:
rest functionalprogramming api authentication web elixir-lang
This project is part of:
Hack Week 11
Activity
Comments
Similar Projects
OpenQA Golang api client by hilchev
Description
I would like to make a simple cli tool to communicate with the OpenQA API
Goals
- OpenQA has a ton of information that is hard to get via the UI. A tool like this would make my life easier :)
- Would potentially make it easier in the future to make UI changes without Perl.
- Improve my Golang skills
Resources
- https://go.dev/doc/
- https://openqa.opensuse.org/api
OIDC Loginproxy by toe
Description
Reverse proxies can be a useful option to separate authentication logic from application logic. SUSE and openSUSE use "loginproxies" as an authentication layer in front of several services.
Currently, loginproxies exist which support LDAP authentication or SAML authentication.
Goals
The goal of this Hack Week project is, to create another loginproxy which supports OpenID Connect authentication which can then act as a drop-in replacement for the existing LDAP or SAML loginproxies.
Testing is intended to focus on the integration with OIDC IDPs from Okta, KanIDM and Authentik.
Resources
Kanidm: A safe and modern IDM system by firstyear
Kanidm is an IDM system written in Rust for modern systems authentication. The github repo has a detailed "getting started" on the readme.
In addition Kanidm has spawn a number of adjacent projects in the Rust ecosystem such as LDAP, Kerberos, Webauthn, and cryptography libraries.
In this hack week, we'll be working on Quokca, a certificate authority that supports PKCS11/TPM storage of keys, issuance of PIV certificates, and ACME without the feature gatekeeping implemented by other CA's like smallstep.
For anyone who wants to participate in Kanidm, we have documentation and developer guides which can help.
I'm happy to help and share more, so please get in touch!
WebUI for your data by avicenzi
A single place to view every bit of data you have.
Problem
You have too much data and you are a data hoarder.
- Family photos and videos.
- Lots of eBooks, TV Shows, Movies, and else.
- Boxes full of papers (taxes, invoices, IDs, certificates, exams, and else).
- Bank account statements (multiple currencies, countries, and people).
Maybe you have some data on S3, some on your NAS, and some on your local PC.
- How do you get it all together?
- How do you link a bank transaction to a product invoice?
- How to tag any object type and create a collection out of it (mix videos, photos, PDFs, transactions)?
- How to store this? file/folder structure does not work, everything is linked together
Project Description
The idea is a place where you can throw all your data, photos, videos, documents, binaries, and else.
Create photo albums, document collections, add tags across multiple file-formats, link content, and else.
The UI should be easy to use, where the data is not important for now (could be all S3 or local drive).
Similar proposals
The closest I found so far is https://perkeep.org/, but this is not what I'm looking for.
Goal for this Hackweek
Create a web UI, in Svelte ideally, perhaps React.
It should be able to show photos and videos at least.
Resources
None so far, this is just an idea.
Learn how to integrate Elixir and Phoenix Liveview with LLMs by ninopaparo
Description
Learn how to integrate Elixir and Phoenix Liveview with LLMs by building an application that can provide answers to user queries based on a corpus of custom-trained data.
Goals
Develop an Elixir application via the Phoenix framework that:
- Employs Retrieval Augmented Generation (RAG) techniques
- Supports the integration and utilization of various Large Language Models (LLMs).
- Is designed with extensibility and adaptability in mind to accommodate future enhancements and modifications.
Resources
- https://elixir-lang.org/
- https://www.phoenixframework.org/
- https://github.com/elixir-nx/bumblebee
- https://ollama.com/