-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tokens, invites and Share URLs with edit rights - no sign up / in required #23
Labels
Comments
joepio
changed the title
One-click collaboration - Share URL with edit rights - no sign up / in required
Tokens, invites and Share URLs with edit rights - no sign up / in required
Feb 18, 2021
Sharing edit link flow
Thoughts on implementing this
|
This was referenced May 30, 2021
Open
5 tasks
joepio
added a commit
that referenced
this issue
Jun 8, 2021
When an Agent is created, should we always give the newly created Agent the rights to modify itself? I think this makes sense, as the user might want to chage their username and stuff. |
Invites kind of need to be public (they need to be opened), but they should (most often) not be indexable. How to deal with this? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I absolutely love saas services that provide a one-click collaboration.
Example from HackMD:
I think we could have this same feature with Atomic Data. Standardizing how this works could help to make this something that all apps could get for free - without burdening devs with implementation details.
Approaches
Query param containing scoped agent private key
This means the front-end should check the URL for a
guestKey
, and the server should make sure it sets the correct grants for the selected resource(s).Query param containing scopend token
Front-end reads query param that contains token. Front-end generates keypair, sends public key to back-end token service, which adds the newly created agent (pubkey) to the allowed posters to some scope.
In-between Invite resource
Invites are a new Class that have some fields:
Target resource: Where the invite points to
Usage limit: If it is a multi-use or single-use invite token?
Target Agents: An optional set of agents that are allowed to use the Invite?
Allows for short, query param free easy to read URLs
Less clear what the identifier is of the actual resource being edited
When the client has fetches an Invite resource, it should know that it can post an Agent Subject (or public key?) to the Server, after which it gains the rights to edit the resource. Viewing if another question.
Multi-class resource with 'Invite' class
Atomic Data allows for multi-class resources. This means that we could have a resource with both a regular class (e.g. document) and an Invite class.
The text was updated successfully, but these errors were encountered: