-
Notifications
You must be signed in to change notification settings - Fork 353
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Design and develop generic login UI #3644
Comments
Invision prototype: Note:
|
Here is what an Esri OAuth powered page looks like - basically you click the "Sign In" button and it throws another window which we have next to no styling control over. So in its most minimal implementation we just need a button to throw a window. Hope that helps :) |
@rowanwins ah, thanks. In the prototype posted above I included oath buttons for google and Esri, but now I see that the Esri login UI also has oath buttons (FB, Google). Will they still lead users back to the Terrace editor? |
FWIW I'm also leaving this till the end - right now we have super basic auth going by logging into google (without the UI) |
Hey @philipgrimmett So I was coming at this from the Terria side rather than the Terrace side. I'm thinking of the average user of the digital twin who has no interest in Terrace. So perhaps I was coming from a different angle. |
While I’m not exactly a core stakeholder as I’ve only just started to use Terria, I was surprised by the lack of any auth beyond basic auth. Looking at this ticket, I’d like to point out the broader utility of OpenID Connect over directly using OAuth. Supporting OIDC would make user auth a nearly plug and play experience for people who’s infrastructure supports it already. The OIDC components of Terria would just need to be configured to use their OIDC provider much like how they would configure the Cesium Ion API Token. |
So I did a little work on the possibility of implementing an OIDC proof of concept using an existing generic OIDC library ( https://github.com/IdentityModel/oidc-client-js ), and while looking further into the Terria code, it seems like everything is using the Since any authentication implementation using OAuth, OIDC, or most other options, is probably going to require changing the request headers, and by extension require writing either new request helper code for authenticated endpoints, and/or modifications to all the existing |
I think this can be closed - overtaken by events |
@rowanwins could you explain more what overtaken by events mean? Will Terria have the capability of having a login page and eventually RBAC any time soon? Thanks |
Hi @davidedelerma , So far we've only implemented this in a private clone of TerriaMap (eg the code is not available), although the app is available here I suspect it's going to be hard to have a generic login provider within TerriaJS or TerriaMap, but in terms of the UI idea you're free to steal it. Hope that helps |
To prepare for integration the authentication & authorisation work, we need a login in terria ui.
The text was updated successfully, but these errors were encountered: