Issue #4: support for OpenID
|Reported by:||Jelmer Vernooij|
|Created on:||2014-07-06 17:39|
|Updated on:||2015-09-09 16:26|
It'd be great if kallithea supported OpenID for user login, rather than requiring the user to remember a new password for every instance of Kallithea they use.
Comment by domruf, on 2014-07-08 13:37
I have a old rhodecode installation that uses repoze.who wsgi middleware for authentication maybe we can use something similar for example a quick google search brought me this https://pypi.python.org/pypi/repoze.who.plugins.openid/0.5.3
Comment by Former user, on 2015-09-09 16:18
BrowserID would be another great login option (new ticket?). All the user needs is a working email address (no new password). https://developer.mozilla.org/en-US/Persona
If repoze.who is the preferred mechanism, https://pypi.python.org/pypi/repoze.who.plugins.vepauth might fit the bill (although note that it's dubbed "experimental" in its GitHub repo - if this is a problem, there are other BrowserID/VEP modules on PyPI).
Comment by Andrej Shadura, on 2015-09-09 16:24
Yes, I was thinking about BrowserID too. There's also OAuth 2.0 authentication module out there, but it needs much love to be included into the core.
Comment by Mads Kiilerich, on 2015-09-09 16:26
Agreed. Something like that (or like what I think it is) would also be useful or necessary when we eventually (in my dreams) make it possible to create a PR from one Kallithea instance on the internet to another one. Then we will need some kind of "I am the owner of the changes hosted publicly on this and that URL" authentication.
(This is probably not entirely different from how our new password reset mechanism basically is about authenticating a browser session based on proof of ownership of an email account.)