Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1.0 architecture considerations #226

Closed
daffl opened this Issue Jun 20, 2016 · 4 comments

Comments

Projects
None yet
2 participants
@daffl
Copy link
Member

daffl commented Jun 20, 2016

Authentication is a complex topic and finding a good balance between ease of use and flexibility can be tricky sometimes. For version 1.0 of this plugin we probably should try and reduce or split up the amount of code and API and configuration option surface area. Here are some of my thoughts on this:

  • Should the plugin still serve static failure and success pages? It seems to me like you'll never really need them.
  • Should we try and split different authentication mechanism in their own modules. That would help to reduce the large number of configuration options and keep things modular. I was thinking of something like
const feathers = require('feathers');
const authentication = require('feathers-authentication');
const local = require('feathers-authentication-local');
const oauth2 = require('feathers-authentication-oauth2');

const app = feathers();

app.configure(authentication({
  secret: 'myauthsecret'
}));
app.configure(local({
  endpoint: 'auth/local'
});
app.configure(oauth2({
  facebook: {
    strategy: FacebookStrategy,
    'clientID': 'your facebook client id',
    'clientSecret': 'your facebook client secret',
    'permissions': {
      authType: 'rerequest',
      'scope': ['public_profile', 'email']
    }
  }
}));
  • Add the ability to remove a token. I wrote some thoughts on that up at #73 (comment)

@daffl daffl added the Backlog label Jun 20, 2016

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Jun 20, 2016

Yes I agree. I think if we can split it out that would be great. It will reduce the dependencies for feathers-authentication. I'd like to get close to 1.0 (ie. password reset, passwordless auth) first before we refactor but I had been thinking something similar.

@ekryski ekryski added this to the 1.0 milestone Jun 20, 2016

@ekryski ekryski added the Task label Jun 20, 2016

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Jun 20, 2016

And I think we should pull the static pages. You and I discussed over hangout but they really just get in the way and almost 100% of the time end up getting overridden.

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Jul 19, 2016

This is pretty much complete in the passwordless branch.

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Nov 21, 2016

I think we can close this out now. We have had a lot of discussion and iteration over the last month and have settled on an adapter for Passport. It's working really well and is now in master and released slated to go out as 1.0.0.

If you want to see more detail you can check the code, examples, and docs.

@ekryski ekryski closed this Nov 21, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.