diff options
author | Frederick Muriuki Muriithi | 2023-05-08 11:34:03 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2023-05-08 11:34:03 +0300 |
commit | 986f0481ae7bbd16163e67b209c6ff14eb3bf80f (patch) | |
tree | 61bc40fdb681ad23050b571525b81381a63c91bd | |
parent | 75a2421522eaba63e63333fd6dbf1c55c0f980fb (diff) | |
download | gn-gemtext-986f0481ae7bbd16163e67b209c6ff14eb3bf80f.tar.gz |
issues: Add details to "migrate user accounts from redis"
Add some more information on possible route to migrate the user details.
-rw-r--r-- | issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi index 94b4e40..7d3352f 100644 --- a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi +++ b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi @@ -21,6 +21,17 @@ As part of that migration, we need that any particular user's privileges be main * A newly created groups (as above) will contain those users with privileges ONLY for the resources in the group * Any users with privileges that cross groups will be harder to handle, but are hopefully fewer + +We could have the migration be triggered by the user: + +* User logs in using existing credentials +* System looks for credentials in auth system db +* If credentials found, log the user in and end the login process +* If credentials are not found, search for credentials in old system +* If credentials are found in old system, log the user in, and transfer the credentials to the new system (including user id, email, name, password, etc) +* Provide the user with the chance to trigger migration of their details from the old system +* If credentials are not found in either system, that is not a valid user. Show error and end the login process. + ## Related Topic(s) => /topics/authentication/authentication-authorisation-design Authentication/authorisation design |