Managing user authentication


#1

Need a way to register and track users, in order to manage content, assign ownership of contributions etc.

Piggyback off GitHub Oauth?

I really like the way micro.blog handles log in without passwords.

You visit the site and fill in your email, an email link is sent and clicking this signs you in for a period of time.
This way there are no passwords we only need to keep email which could also be encypyted.

Main aim is I don’t want to have access to any data, if user leaves and redacts data, not even admin can get to it. Crypto Pouchdb / couch DB might help.

Some authentication links.

https://aaronparecki.com/2018/07/07/7/oauth-for-the-open-web

http://openid.net/connect/
https://www.npmjs.com/package/openid-client


#2

Ended up utilising a lot of what is here to save a token. But didn’t get much further than saving a token.

https://blog.sqreen.io/authentication-best-practices-vue/