andrzej
opened 3 years ago
-
@robin we can offer sponsorship for the development of this feature.
The authentication DB would be shared between a few apps, so user can login to each app using the same login credentials.
Ideally, we would like to have something similar to what we have in Tigase. That is we can point the 1dev or Tigase to a DB for user authentication only. We normally use stored procedures with auth information as arguments for authentication which just return a null if authentication fails or user_id if authentication is successful.
Here is an example stored procedure we use for Tigase: https://github.com/tigase/tigase-server/blob/master/src/main/database/mysql-server-8.0.0-sp.sql#L194
It would be very convenient to us to have something similar for 1dev.
-
Using separate auth database in OneDev will complicate things. If you have a central auth database, why not develop an authentication app providing OAuth authentication service using this database, then OneDev and any other third party apps can be configured to authenticated via this authentication service.
-
Hm, this is an approach I did not think about. What do you think @andrzej? Is it an option for us?
-
Yeah really sounds like you want an identity provider and provider OAuth 2 / OpenID functionality.
Out of my head I would explore Keycloak or Ory Hydra (and all the other Ory components they provide): https://www.keycloak.org/ https://github.com/ory/hydra
Keycloak is a full solution while Ory Hydra can be used to build a custom solution.
-
Previous Value Current Value Open
Closed
| Type |
Question
|
| Priority |
Normal
|
| Assignee |
We would like to integrate onedev with other apps used by us. To do that we would like to use a separate database for authentication. This database would store credentials to authenticate users which would be used by our other apps. We would like to store passwords in PBKDF2 format in that database. Is that somehow possible? or could it be possible?