user authentication component?

[JE-VS]

Hi Ramiro, hi all,

First of all, thanks for the work. I have been trying Streamsync since yesterday, and it's really an impressive job!

I was wondering if there is in the pipes the idea to build an "user authentication" component for login/logout to use with the session_verifier ?

Otherwise, what could be the way to use the session decorators or methods to achieve it ?

Thanks a lot

[FabienArcellier]

Hi, I don't know if Ramiro has already draft a plan to manage a security layer through application. I will just write here what I would expect of a security layer

• pick a login page on the Root node [optional]
• having a login event on the Root node to select a function to trigger after login
• having security section in properties of page to pick if a page is secured or not (authentication required)
• having a login component displayed according the security info (login link or username and logout action)
• having a security context available in event on the backend (it may be associate with session)

I don't have thought on how to manage oauth and authorization.

[FabienArcellier]

Today we can manage simple authentication using the event ss-page-open on Page and ss-hashchange on Root. You will use the action changing active page to move to login page.

[JE-VS]

Hi Fabien,

Thanks for your reply and your tips!

Yes, I agree with your list.

Until then, I'll start playing with the ss-page-open/ss-hashchange.