TODO
- Login form
- Register form
- Redirect to login form if unauthenticated
- Upload picture
- OAuth2
  - Authorize form
  - Verify authorize
  - Get access token
- Support OpenID to use with demo client oauth2c
  - .well-known/openid-configuration
- i18n strings in the http website.
- App config
  - Add app logo (URI?)
- Public endpoint to get user avatar by id
- Rework avatar upload to limit size and process the image?
- Authorize form
  - Show details about permissions
  - Show app logo
- Support error responses per https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1
- UserWebGUI: Redirect to login when JWT expires
- UserWebGUI: Show user authorizations.
- UserWebGUI: Allow revoking an authorization
- UserWebGUI: Show available apps (basic)
- UserWebGUI: Direct user grant flow. The user can log in to the target app/client, even if the flow did not start here.
  - all apps must have a /oauth2/login URL that redirects to the right minauth /authorize URL (login_uri in config.toml)
- UserWebGUI: activate account with token
- feat: add groups and roles models
- UserWebGUI: add TOTP
- send emails to users
- Architecture: do we have an admin API?
- AdminCLI: init
- AdminWebGUI: List users
- AdminWebGUI: Assign groups to users
- AdminWebGUI: Create invitation
Minimal flow
- Invite user from command line bash script that will edit sqlite
- Activation UI
- Send email