Project

General

Profile

Task #5789

Some issues to be cleared about userservice

Added by Marcus Przyklink almost 3 years ago. Updated about 2 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
10/09/2018
Due date:
% Done:

0%

Estimated time:
PM Check date:
02/05/2019

Description

Some issues which should be cleared:

  • django update. If we wanna use ldap, I think we should use django-auth-ldap as an auth backend. For that, we would need django >=1.11. I seem to remember reading about an update, but can't seem to find where it was. Is that in the making in the foreseeable future?
  • 'should use ldap' -> I presume it means ldap first, old db as fallback?
  • We should develop some concept for a fast and easy migration of the old database into ldap at some point, else we will need two bunches of code to handle everything
    • Since django-auth-ldap uses the django-db for storing, we would have two sets of data there, the old customerset and the new one the ldap-auth puts there, so I will see if it is easily identifyable what is what
    • another thing.. This is more customer relations. Everyone already in the db will need new passwords if we migrate to ldap, which is a hassle and should be thought about by marketing to give it a good spin

Maybe the scope is a bit broad, but those are the things which popped into my mind while thinking about how to best integrate the userservice


Related issues

Related to Open Infrastructure - Task #6465: Expire the password reset link [datacenterlight, dynamicweb]In Progress02/15/2019

Actions

History

#1

Updated by Nico Schottelius almost 3 years ago

  • Assignee changed from Nico Schottelius to Marcus Przyklink

I suggest the following development flow:

  • create a new project, based on latest (stable) django
    • Using micro services should give us the opportunity to easily use different versions
  • in this project users should be able to
    • register a new user account
    • login
    • reset their password
    • register & login should have some kind of logic that allows our main website to refer to it ("secured area") and get back to it
    • I assume the last part can/should be done using oauth(2)
  • Change dynamiweb to use the new user service
    • consult with Mondi here - he might actually be good to do it && show you what changes were needed
  • Later stage
    • publish events on the message bus (user registered, user password reset, etc.)
#2

Updated by Jason Kim over 2 years ago

  • PM Check date set to 02/05/2019
#3

Updated by Mondi Ravi over 2 years ago

  • Related to Task #6465: Expire the password reset link [datacenterlight, dynamicweb] added
#4

Updated by Sanghee Kim about 2 years ago

  • Assignee deleted (Marcus Przyklink)
  • Status changed from Feedback to New
  • Project changed from testproject to queue

Also available in: Atom PDF