Cleanup

heipei · Sep 17, 2015 · 26b7b9e · 26b7b9e
1 parent e28f25a
commit 26b7b9e
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -43,14 +43,14 @@ Getting started
 
 There is an example nginx.conf in doc/ 
 
-1. Start nginx: ~/local/sbin/nginx -c $PWD/doc/nginx.conf
-2. Start ssoauth: ./ssoauth -config config.json -pubkey run/prime256v1-public.pem -port 8082
-3. Start ssologin: ./ssologin -privkey run/prime256v1-key.pem -port 8081
+1. Start nginx: ~/local/sbin/nginx -c $PWD/etc/nginx.conf
+2. Start ssoauth: ./ssoauth -config etc/ssoauth.json
+3. Start ssologin: ./ssologin -config etc/ssologin.json
 4. Add login.domain.dev and auth.domain.dev to 127.0.0.1 to /etc/hosts
-5. Browse to login.domain.dev:8080/login
-6. Browse to auth.domain.dev:8080/secret
+5. Browse to http://username:password@login.domain.dev:8080/login
+6. Browse to http://auth.domain.dev:8080/secret
 
 ECC keypair generation
 ----------------------
 
-To create an ECC keypair, you can use the tool in doc/ecc.go.
+To create an ECC keypair, you can use the tool in tools/ecc.go.
diff --git a/doc/TODO.md → TODO.md b/doc/TODO.md → TODO.md
@@ -2,14 +2,6 @@
 vim:ft=markdown:et:ts=2:sw=2
 -->
 
-Two parts
-=========
-- nginx-sso auth endpoint
-- login middleware / function
- - https://justinas.org/writing-http-middleware-in-go/
- - function to create the cookie based on some payload (hash + ecdsa + setting the cookie)
- - user-defined function to get the username / group / payload (in general)
-
 Problems
 ========
 - Write tests
@@ -34,14 +26,12 @@ Others
 - Old PubCookie module for nginx: http://www.vitki.net/book/page/pubcookie-module-nginx
 
 - Also document that this is a very basic solution
- - Next step could be to put a better-performing session store in which does not actually have to verify the sig each time only hash the cookie or set another cookie
+ - Next step could be to put a better-performing session store in which does
+   not actually have to verify the sig each time only hash the cookie or set
+   another cookie
  - Maybe even set a cookie and then have nginx verify the cookie from there on
- - Better read up on nginx session / auth management, performance, best practices
  - Login could be done using something like oauth
 
-- https://elithrar.github.io/article/custom-handlers-avoiding-globals/ for handling context in a golang web app
-- libsodium
-
 ECC Resources
 =============
 

diff --git a/doc/nginx.conf → etc/nginx.conf b/doc/nginx.conf → etc/nginx.conf
diff --git a/doc/ecc.go → tools/ecc.go b/doc/ecc.go → tools/ecc.go