minauthator/TODO.md
2024-11-29 17:32:42 +01:00

TODO

  • Login form

  • Register form

  • Redirect to login form if unauthenticated

  • Upload picture

  • OAuth2

    • Authorize form
    • Verify authorize
    • Get access token
  • Support OpenID to use with demo client oauth2c

    • .well-known/openid-configuration
  • i18n strings in the HTTP website.

  • App config

    • Add app logo (URI?)
  • Public endpoint to get user avatar by id

  • Rework avatar upload to limit size and process the image?

  • Authorize form

    • Show details about permissions
    • Show app logo
  • Support error responses as specified by https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1

  • UserWebGUI: Redirect to login when the JWT expires

  • UserWebGUI: Show user authorizations.

  • UserWebGUI: Allow revoking an authorization

  • UserWebGUI: Show available apps (basic)

  • UserWebGUI: Direct user grant flow. The user can log in to the target app/client, even if the flow did not start here.

    • all apps must have a /oauth2/login URL that redirects to the right minauth /authorize URL, login_uri in config.toml
  • UserWebGUI: activate account with token

  • feat: add groups and roles models

  • UserWebGUI: add TOTP

  • send emails to users

  • Architecture: do we have an admin API?

  • AdminCLI: init

  • AdminWebGUI: List users

  • AdminWebGUI: Assign groups to users

  • AdminWebGUI: Create invitation

Minimal flow

  • Invite a user from a command-line bash script that will edit SQLite
  • Activation UI
  • Send email