[GitHub] [apisix-dashboard] bzp2010 commented on pull request #2010: feat: new authentication framework

Mon, 09 Aug 2021 22:19:40 -0700 


bzp2010 commented on pull request #2010:
URL: https://github.com/apache/apisix-dashboard/pull/2010#issuecomment-895737216


   ### Current Plan
   #### Update Time: 
   2021-08-10
   
   #### Description:
   At present, we plan to provide two types of user storage methods. 
   
   1. The first is a simple user saved in the configuration file and only 
supports username + password. 
   _This is to ensure compatibility with the old version, which will be 
available for some time in the next version, but there may be no feature 
updates. It is recommended to migrate to the following second storage.
   It is expected that local user storage will not be provided after the 
installation initialization solution of the second solution is solved. But, 
there are still some key problems to be solved, so first method will still be 
used as the default configuration._
   
   2. The second scheme is to store users in etcd in the form of dashboard 
independent prefix.
   _This is a form of user storage that will be supported in the future, and it 
will provide more flexibility. However, it needs to deal with the 
initialization of dashboard after installation. At present, it needs to 
manually add user records to etcd.
   In the future, user login methods such as oAuth2 will also be provided._
   
   #### PR Contents:
   
   - This PR is committed to establishing a new universal user framework to 
support more authentication methods. It will be used as the front work of the 
second kind mentioned above.
   It establishes the location of user storage in the a directory of etcd, it 
uses a data model similar to the following image.
   
![image](https://user-images.githubusercontent.com/8078418/128810421-f0d01717-a865-46b7-a771-da742de2c8b8.png)
   It allows users to set the master account for logging in with username and 
password, and associate other platform accounts such as oAuth2 with the master 
account. Just like this.
   
![image](https://user-images.githubusercontent.com/8078418/128810692-1e15932d-72a4-4101-8ca4-1cae026ac986.png)
   More authentication methods will be added in the form of provider in the 
future, such as `GitHub`, `Google`
   
   - At the same time, I added a new configuration item datasource in the 
authentication block in the configuration file. It lets us to specify `local` 
or `etcd` storage. In the current version, it is still configured as `local`. 
After the initial user creation problem is solved, switch it to `etcd` and 
consider removing the local user authentication method.
   
   #### Other
   Do you have any other suggestions?
   @nic-chen 
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to