New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add OAuth2 authentication for Perl auth0 #13

Open
preaction opened this Issue Nov 28, 2017 · 0 comments

Comments

Projects
None yet
1 participant
@preaction
Member

preaction commented Nov 28, 2017

We need some form of authentication before we can offer features like messaging and marking reports as invalid. The Perl NOC is moving away from Bitcard and towards auth0, which is an OAuth2 provider.

We need to add an OAuth2 consumer that allows users to log in using the auth0 provider. This should probably use Mojolicious::Plugin::OAuth2. Once we've set that up, we need to tell Robert what our OAuth2 callback URL is so they can enable us and give us our shared secret.

Once the user is authenticated, we need to create a user account to store user information locally. This information will include:

  • Authorized PAUSE accounts for this user
  • Authorized tester e-mail addresses for this user
  • A name they want to go by on the site (a "display name"). This name will be displayed in discussions and on PAUSE author pages

To log in or register for CPAN Testers, users should click a button to begin the OAuth2 process. Once they've been authenticated, we should verify that they have filled out their display name. Then we should prompt them to verify their PAUSE or tester e-mail addresses (the procedures for these are in future tickets).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment