From 8b758d38eefd93f03658d517e06e3bcb0e95d356 Mon Sep 17 00:00:00 2001 From: Pjotr Prins Date: Mon, 17 Oct 2022 12:44:35 +0200 Subject: Design --- .../authentication-authorisation-design.gmi | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 topics/authentication/authentication-authorisation-design.gmi (limited to 'topics/authentication') diff --git a/topics/authentication/authentication-authorisation-design.gmi b/topics/authentication/authentication-authorisation-design.gmi new file mode 100644 index 0000000..e31b760 --- /dev/null +++ b/topics/authentication/authentication-authorisation-design.gmi @@ -0,0 +1,21 @@ +# Authentication/authorisation design + +## Authentication + +* Local database should be independent from other services and copied as a file (SQLite with JSON?) +* Later use other providers, such as gmail +* Later provide REST API & token access + +## Authorisation + +* Users (authenticated) +* Groups (users are members and you have a group leader) - every user belongs to one group! +* Roles define access control (groups have flexible roles) - group can create unique roles +* Resources (pretty flexible, give access to roles) - every data resource is owned by one group! +* Some users can add themselves to groups/roles +* Local database should be independent from other services and copied as a file (SQLite with JSON?) +* Later provide REST API & token access + +## Web front-end + +* Web front-end which allows management of these users/groups/roles/resources -- cgit v1.2.3