-
Notifications
You must be signed in to change notification settings - Fork 15
Authentication
NOTE: This is a draft specification.
Oculus is designed to be lightweight and easy to install. It should also scale to meet the needs of larger teams.
To meet the first goal, Oculus ships without some the trimmings, like built-in authentication.
To meet the second, Oculus provides a pluggable authentication framework, via rack middleware. This enables your organization to customize its authentication setup, using technologies like HTTP Authentication or LDAP.
There are no publicly available authentication modules yet.
Oculus authentication modules are rack middleware. Authentication modules MUST be installed before Oculus in the middleware chain. To enable authentication in your application (once your middleware is installed), set Oculus.enable_authentication to true in your rackup file.
Your authentication module MUST provide the following env keys:
-
oculus.user.id: a unique identifier for the current user (or nil if logged out). -
oculus.user.name: the current user's display name.
Your authentication module MAY provide the following env keys:
-
oculus.user.email: the current user's email address. Currently unused. May be used in the future for email notifications (e.g. query completion).
Your authentication module MUST handle the following paths:
-
/login: users will be directed here if they attempt to perform an action that requires authentication. -
/logout: users will be directed here when they click the "Log Out" button.