DEV Community

lluiscab

Got a crazy idea for user authentication, can I get some feedback?

Okay, first post here, sorry if I make any mistakes.

So I like to get some projects running, working on them and that stuff. The problem always comes when I need to add authentication and I don't want to maintain databases with user data for each project; a simple user id for me is enough. That's why I normally use passport-twitter to handle authentication. Also, not having to worry about storing someone else's password is a bonus.

Thing is, once you have more than one or two projects, I doubt that reusing the same Twitter app for all of them is correct, so I got a plan, and I'd like to know what you guys think of it and if anyone has any idea on how to implement such a thing.

So, my plan is to have a central authentication for all my projects, kind of what Google does with accounts.google.com.

The idea is simple: when a user wants to log in to one of my projects, I start an OAuth process with a custom server of mine, auth.example.com, which is basically a normal OAuth server. The caveat is that this custom OAuth server doesn't authenticate users with their username and password; instead, it does it via Twitter, Google, GitHub, whatever. So it's basically OAuth inside OAuth.

I'm not really sure if anyone will understand what I mean, but I'm not really sure this can be done either, so I guess I'll try and see if anyone knows of an existing project that has this system or knows if it's possible to do / how.

Authentication isn't my thing and I'd love some assistance here, I don't want to screw anything up.

Thanks.
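
The flow described in the post, sketched as an added example (not code from the post or from any project it mentions): an in-memory model of a broker at the hypothetical auth.example.com that ties each upstream provider login to the project that started it. The function names, the `project-a` client and its callback URL are assumptions; HTTP routing, the real provider exchange and client authentication are left out.

```javascript
const { randomBytes } = require('node:crypto');

// Constructed registry: client id -> exact redirect URIs it may use.
const CLIENTS = new Map([['project-a', ['https://a.example.com/callback']]]);
const pending = new Map(); // upstream state -> downstream request awaiting the provider
const codes = new Map();   // broker authorization code -> grant
const token = () => randomBytes(32).toString('hex');

// Step 1: a project sends the user to the broker's authorize endpoint.
function beginAuthorize({ clientId, redirectUri, state }, provider) {
  const allowed = CLIENTS.get(clientId);
  // Exact match only: prefix or wildcard matching lets codes go to other URLs.
  if (!allowed || !allowed.includes(redirectUri)) throw new Error('invalid_request');
  const upstreamState = token();
  pending.set(upstreamState, { clientId, redirectUri, state, provider, expires: Date.now() + 300_000 });
  return upstreamState; // used as `state` on the redirect to Twitter/Google/GitHub
}

// Step 2: the provider redirects back to the broker with a verified user id.
function completeUpstream(upstreamState, provider, providerUserId) {
  const req = pending.get(upstreamState);
  pending.delete(upstreamState); // single use
  if (!req || req.expires < Date.now() || req.provider !== provider) throw new Error('invalid_state');
  const code = token();
  codes.set(code, { clientId: req.clientId, redirectUri: req.redirectUri,
    sub: `${provider}:${providerUserId}`, expires: Date.now() + 60_000 });
  const url = new URL(req.redirectUri);
  url.searchParams.set('code', code);
  if (req.state) url.searchParams.set('state', req.state); // the project's own state, echoed back
  return url.toString();
}

// Step 3: the project's backend redeems the code at the broker's token endpoint.
// Client authentication (secret or PKCE) is omitted here and needed in practice.
function redeemCode(code, clientId, redirectUri) {
  const grant = codes.get(code);
  codes.delete(code); // single use, even when redemption fails
  if (!grant || grant.expires < Date.now() || grant.clientId !== clientId || grant.redirectUri !== redirectUri)
    throw new Error('invalid_grant');
  return { sub: grant.sub }; // the simple user id the project keeps
}
```

The broker keeps two separate `state` values: its own towards the provider, and the project's, which it only echoes back, so a callback from one login cannot be attached to another project's request.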

Top comments (3)

Dian Fay

That sounds like way more work and moving parts you have to worry about than just creating another Twitter app. If juggling credentials is a headache there might be ways to manage your application config more efficiently without going to these lengths.

rhymes

It's not a crazy idea. If I'm not mistaken, what you're looking for is an OAuth2 reverse proxy, something like github.com/bitly/oauth2_proxy

lluiscab

Thank you! Will take a look at this and similar projects, hopefully it helps!