|There's more than one way to do things|
RFC: Authentication/Authorization Systemby eric256 (Parson)
|on Jul 19, 2006 at 14:06 UTC||Need Help??|
Okay so I'm tired of rewriting user managment code, and a usermanagment backend. It is fun the first time, interesting the second, but beyond that it just gets old. So I want to help/start/assist/poke the design of a bolt-on Authorization system. Basicaly I'm looking for a way to bolt authorization and authentication abilities onto existing scripts easily and provide a nice easy user managment solution that can be used to jump start projects. Sometimes i have projects that I want, but the first step always involves getting user managment/registration out of the way and often I stall out in that process before getting a product out. So this module/script/whatever should be easy to bolt on, easy to start with, and easy to enhance/subclass later on if the app takes off and needs something more robust.
Hopefully that gets the target out there, so we are clear. This is not the be all end all, just something to use easily to enhance old scripts, and jumpstart new projects.
So I decided that the easiest place to start would probably be the interface. I don't care how it does what it does, as long as it provides these features. There should be two parts (devided logical/literaly/however). One is the part a script would use to determine if a user is currently logged in and if so what roles that person has.
This interface gives the main app some abilities to manage users (if they want to build their own user management) but hides most the dirty icky stuff away (sessions, logins, logouts, roles, etc).
In addition to that, a user would setup an admin script that invokes a different part of the module which is actualy an entire web based user managment system
So that looks pretty easy from a programmer stand point. You subclass the main module and in that subclass you store all the relevant info and choices. Then your scripts just load that subclass.
So I'm here, because before I begin to hammer out an implementation I wanted to get a feel for what people think. Would you use something like this? What would it need for you to use it? What should it focus on? What should it pass on to the programmer? What do you think it could be named?
So let the lead fly but be nice, please! ;) Any and all ideas, suggestions, pointers to existing solutions, etc, welcome. Do remember this isn't meant to be an Application framework at all, rather something much smaller and simpler, that could be used until you decide you want to go whole hog with one of the bigger full featured frameworks.