GSOC 2022 - External Authentication Service

From Open Food Facts wiki
Revision as of 09:19, 3 February 2023 by Alex-off (talk | contribs) (changed state)

Summary

Move user authentication in a new project, using existing free software, providing modern authentication and identity services.

Description

Contributors of Open Food Facts have an account. Currently management of those accounts is directly implemented in ProductOpener. The systems lack some capabilities one would expect from a user friendly website or for user management, but it also lacks lots of capabilities for third party applications like OAuth would require.

Status: Finished, not deployed

People:

Impact (why)

The goal of this project is to have more features for users and app developers, while keeping product opener code less complex (separation of concerns). Also possibly have less maintenance, thanks to a complete product.

Expected outcomes (what)

  • This service should permit to handle authentication,
  • We would like to change that to rely on an external service. However, as we really care for our user data, the service should be open source and hosted on our infrastructure.
  • The mission consists in choosing such a service (eg. authentik, keycloak, ory, etc. ), deploying it (automating deployment), configuring and integrating it and writing documentation.
  • You will also have to give a plan and scripts for users migration.
  • The integration part might be the most challenging part, as it should be transparent to users for simple workflow. First goal is to have authentication done through it and to provide OAuth for app developers.

Timeline

  • To be discussed

Resources / Contributing

Archives