summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-05-08 11:34:03 +0300
committerFrederick Muriuki Muriithi2023-05-08 11:34:03 +0300
commit986f0481ae7bbd16163e67b209c6ff14eb3bf80f (patch)
tree61bc40fdb681ad23050b571525b81381a63c91bd
parent75a2421522eaba63e63333fd6dbf1c55c0f980fb (diff)
downloadgn-gemtext-986f0481ae7bbd16163e67b209c6ff14eb3bf80f.tar.gz
issues: Add details to "migrate user accounts from redis"
Add some more information on possible route to migrate the user details.
-rw-r--r--issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi11
1 files changed, 11 insertions, 0 deletions
diff --git a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi
index 94b4e40..7d3352f 100644
--- a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi
+++ b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi
@@ -21,6 +21,17 @@ As part of that migration, we need that any particular user's privileges be main
* A newly created groups (as above) will contain those users with privileges ONLY for the resources in the group
* Any users with privileges that cross groups will be harder to handle, but are hopefully fewer
+
+We could have the migration be triggered by the user:
+
+* User logs in using existing credentials
+* System looks for credentials in auth system db
+* If credentials found, log the user in and end the login process
+* If credentials are not found, search for credentials in old system
+* If credentials are found in old system, log the user in, and transfer the credentials to the new system (including user id, email, name, password, etc)
+* Provide the user with the chance to trigger migration of their details from the old system
+* If credentials are not found in either system, that is not a valid user. Show error and end the login process.
+
## Related Topic(s)
=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design