!DnzGDOEluSXwfOUoKI:matrix.org

Contributing (Authelia)

Discuss Contributing to the Authelia Open Source project

29 Jul 2021
@youssri:matrix.org (youssribtg): James: cool... as it's a big part I suggest to make a team to collaborate on this... because it should be confirmed by you (the team) after every change... and all the UI should be homogeneous... I'm ready to be part of this [23:48:01]
@james.elliott:matrix.org (James): I believe generally speaking we can agree on a basic design, as well as a list of initial features (we don't have to add all of them at once), then work on that. Adding parts of it slowly will end up being the least disruptive. The hardest part to get right is going to be configuration in my opinion. The session part will also be challenging. I generally think as it's developed we can add feedback but generally our review process is something similar to this: design -> POC -> peer review -> adjustments -> final review -> merge. [23:51:32]
@_discord_247176974164819968:t2bot.io (Astral): Sounds good [23:52:43]
@james.elliott:matrix.org (James): We have a bit of a backlog at present because I've been investing in the change from the viper configuration provider to the koanf one, it's simpler and in my opinion more extensible (should be able to add SQL configuration easily). [23:54:52]
@_discord_247176974164819968:t2bot.io (Astral): I assume people wouldn't be able to get credentials or the like if they were admin or so [23:58:23]
@james.elliott:matrix.org (James): Credentials to what? [23:58:45]
30 Jul 2021
@youssri:matrix.org (youssribtg): Great, I'll help in doing all of that for sure, thanks [00:00:37]
@james.elliott:matrix.org (James): I mean, user credentials are passed through hash functions, admins can technically get the hash already but they're useless since they cannot be reversed (not even Authelia can do this). We probably will not allow the current stored password for things like SQL, Redis, LDAP to be sent to the frontend at all for security reasons (users would only be able to update the current password, not obtain previously set ones). The only exception will probably be OIDC client secrets, which when first generated will be available in the web UI. [00:02:15]
@_discord_247176974164819968:t2bot.io (Astral): Yeah that's what I mean, wouldn't want people to see passwords of backend stuff via frontend stuff [00:02:55]
@james.elliott:matrix.org (James): Authelia isn't a password manager, if people forget/lose passwords to their Redis/SQL/LDAP/etc it's not our concern at all. They can just change them. It would be demonstrably irresponsible for us to allow this in the network or network adjacent scope without significant justification. [00:10:37]
@_discord_247176974164819968:t2bot.io (Astral): No I know that, I mean like say you have the login password to Redis not to be retrievable by Authelia frontend if that makes sense as I know someone is going to ask for some reason [00:17:52]
@_discord_247176974164819968:t2bot.io (Astral): If they forget their password just tell them to go reset it [00:18:09]
@_discord_247176974164819968:t2bot.io (Astral): "No I can't view your password" [00:18:17]
@_discord_247176974164819968:t2bot.io (Astral): Some UIs show like say the database password and such for I don't know what reason [00:18:44]
@nightah:nerv.com.au (Amir): I think we would make a conscious design decision to not show any secrets/passwords other than the shared OIDC secrets like James mentioned earlier. [00:20:01]
@james.elliott:matrix.org (James): Yeah I was just trying to clearly express my personal feelings about security clearly. We very rarely make choices that reduce security. [00:20:22]
@james.elliott:matrix.org (James): Generally speaking any such choice is off by default and gated by informed administrator choice/configuration or temporary (OIDC beta currently uses unhashed shared client secrets). [00:22:11]
@jrester:matrix.org (Jrester):
In reply to @nightah:nerv.com.au
> Jrester: where do you feel most comfortable working? backend, frontend, UI/UX?
I am most comfortable with backend but I also have some experience with frontend and React. I could try to create a mock up for the admin interface although I am no designer. But as the frontend is based on Material UI, that shouldn't be much of an issue, as there are strict design guidelines afaik. After a design is approved I would be happy to implement the backend and maybe also the frontend.
[11:20:24]
@nightah:nerv.com.au (Amir): Sounds great. The mocks would definitely be the best initial approach and if there’s any help the team can provide let us know! [11:21:35]
@jrester:matrix.org (Jrester): Great! Then I am going to start working on it [11:22:40]
@nightah:nerv.com.au (Amir): James linked some MUI admin interfaces earlier which you could like draw some inspiration from. Let me find the links. [11:23:56]
@nightah:nerv.com.au (Amir):
https://material-ui.com/store/items/minimal-dashboard-free/
https://material-ui.com/store/items/devias-kit/
https://www.creative-tim.com/product/material-dashboard-react?partner=104080
[11:25:00]
@jrester:matrix.org (Jrester): Great! I will have a look at those [11:25:27]
@james.elliott:matrix.org (James): We use Material UI btw, which is a React framework [11:37:14]
@james.elliott:matrix.org (James):

Some backend challenges that the admin dashboard will face:

  • Mapping backend users to Authelia Admin privileges
  • Enhancing the API (since that's how the frontend communicates with the backend) to handle the requests and correctly identify admins (we'll need a middleware to protect the admin API paths)
[11:41:07]
