💾 Archived View for jb55.com › ward.asia.wiki.org › modular-authentication captured on 2021-12-04 at 18:04:22. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

Modular Authentication

With wiki sites being owned by individuals there is only a single question that concerns us, "Are you the site owner?"

In the current (July 2015) code base there are a number of issues:-

The aim of is to separate out the authentication scheme specific parts of implementation, into a security plug-in. Such that it would be possible both for alternative schemes to be developed, and server owners to pick an appropriate scheme, without needing to create a scheme specific version of the server and client.

We do not provide a mechanism for creation of privatly shared wiki sites, this is might be provided using Layered Authentication.

Layered Authentication

See Authentication Resources

Authentication Resources

Modular implementation has now been released, with Mozilla Persona authentication.

As well as the Mozilla Persona authentication, that is the current default, there is a basic 'no' authentication scheme. This will soon be modified, as part of changing support for ephemeral sites, so sites are read-only.

With the closure of the Mozilla Persona service, two alternative security plug-ins have been created: i) a Passport.js based solution, at release adding support for GitHub, Google and Twitter based identity, and ii) a simple 'friends' plug-in that uses a shared secret.

Passport.js