it is now possible to log in. #422

 
citrons (bureaucrat) (edited ) src #4072

I have many potential/work-in-progress projects which require account systems. I figured heav, apparently, figured that optimally, I should implement this once and then never again. this is ultimately better for the user, also, as they must keep track of fewer accounts.

as such, auth.citrons.xyz exists. it is usable by anyone; though, I disclaim responsibility if it explodes.

the API documentation is todo, but the gist of it is this:

a service is identified with a domain. to discover a service, e.g. example.com, the authentication service queries https://example.com/.well-known/citrons/auth. this is required to be a JSON file containing the following properties:

  • name - the name of the service
  • endpoint - a URL in your application a user id and token can be POSTed to.

when you wish to log in a user, link them to https://auth.citrons.xyz/login?service=<domain>. the user confirms by submitting a form to your endpoint. the form contains the user's ID in uid and token in token.

you can then query the status of a token by posting it to https://auth.citrons.xyz/api/user/<user_id>/auth/<service_domain>.

$ curl --request POST \
    --data 'token=XXXX' \
     https://auth.citrons.xyz/api/user/50fc23f03043d139/auth/example.com
{"valid":true,"user":{"username":"citrons","ttl":800,"uid":"50fc23f03043d139"},"ttl":800}

$ curl --request POST \
    --data 'token=invalid' \
    https://auth.citrons.xyz/api/user/50fc23f03043d139/auth/example.com
{"valid":false,"ttl":9999999}

ultimately, it is now possible to log in. by the way, I have designed the site around the new style I am working on for my site redesign, my new webæsthetic.

enjoy. tell me if you find some horrible bug.
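The flow in the post above, seen from the service's side, as an added example (not part of the original post and not auth.citrons.xyz's own code). The function names, the injectable `post` parameter and the hex pattern for user IDs are assumptions; the response checks rely only on the two sample replies shown in the post.

```python
import json
import re
import urllib.parse
import urllib.request

AUTH_BASE = "https://auth.citrons.xyz"
SERVICE_DOMAIN = "example.com"  # this service's own domain, as in the post

# Assumption: uids are lowercase hex like the sample in the post.
UID_RE = re.compile(r"[0-9a-f]{1,64}")


def discovery_document(name, endpoint):
    """Body to serve at /.well-known/citrons/auth on SERVICE_DOMAIN."""
    return json.dumps({"name": name, "endpoint": endpoint})


def login_url(domain=SERVICE_DOMAIN):
    return AUTH_BASE + "/login?" + urllib.parse.urlencode({"service": domain})


def http_post(url, fields):
    """Default transport: form-encoded POST, returns the response body."""
    data = urllib.parse.urlencode(fields).encode()
    with urllib.request.urlopen(url, data=data, timeout=10) as resp:
        return resp.read().decode()


def verify_login(uid, token, post=http_post, domain=SERVICE_DOMAIN):
    """Check the uid/token pair POSTed to our endpoint.

    Returns the user dict on success, None otherwise.
    """
    # uid arrives from the browser and goes into a URL path: validate it first.
    if not isinstance(uid, str) or not UID_RE.fullmatch(uid) or not token:
        return None
    url = f"{AUTH_BASE}/api/user/{uid}/auth/{domain}"
    try:
        reply = json.loads(post(url, {"token": token}))
    except (OSError, ValueError):
        return None  # fail closed on network or parse errors
    if not isinstance(reply, dict) or reply.get("valid") is not True:
        return None
    user = reply.get("user")
    # Only accept the identity the auth service reports, and only if it matches.
    if not isinstance(user, dict) or user.get("uid") != uid:
        return None
    return user
```
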

caesar src #4073

why /.well-known/citrons/auth? why not just /citrons/auth?

zagura src #4074

this is seriously cool!!

citrons (bureaucrat) (edited ) src #4075

> why /.well-known/citrons/auth? why not just /citrons/auth?

what if you wish to have a page at /citrons/auth? /.well-known is a standard path for these things.

> this is seriously cool!!

thanks!

caesar src #4076

why would someone have both /.well-known/citrons/auth and /citrons/auth?

citrons (bureaucrat) src #4077

> why would someone have both /.well-known/citrons/auth and /citrons/auth?

I'm not saying they would. just read RFC 8615. it explains /.well-known.

caesar src #4078

i thought ./well-known was an april fool's joke

citrons (bureaucrat) src #4079

> i thought ./well-known was an april fool's joke

why in the world would you think that?

caesar src #4080

because /.well-known sounds like a joke path. like, what if you want to put things that aren't well-known in there? also, i was first introduced to it via an april fool's joke video

trimill src #4081

by the year 2035, all authentication will be processed through citrons®auth™ services.

gollark src #4082

This is not true. We anticipate that osmarksinternalauth™ will actually consume at least 32% of computer systems by then as they are integrated into osmarks.net.

Incoherent src #4083

can confirm, I have logged in.

citrons (bureaucrat) src #4084

good.

mj src #4119

we when the sex is gay

munvoseli src #4123

"poggi big sex" - breadquest
