...
- Login with Github (basic auth)
- Approve account
- Deny account
GUI/API server changes
| Gliffy Diagram | ||||
|---|---|---|---|---|
|
Oauth support
- Add endpoints to handle oauth requests
- GET /oauth/providers
- Returns list of supported providers and info
- POST /oauth/login
- provider=github
- code=AUTH_CODE
- state=RANDOM_STRING
- GET /oauth/providers
Account approval
- Add approval endpoint, only available to admin or with token
- GET /requests/
- PUT /requests/user/
- Approve/Deny
Account record
- Implement password hashing (bcrypy + salt)
- Add account status (approved unapproved)
- Add change password endpoint (authenticated user)
- /accounts/user/password?currentPassword=&newPasword=
- Forgot password
- /accounts/user/password?email={email@email.com}
- Send email to user with link with temporary password that must be changed on login
Candidate SSO Implementations
...