authgear about skygear-server HOT 7 OPEN

• Do we want to cleanup the core packages and remove irrelevant stuff/merge into auth package/new repo?
• Do we want to do #1433 as part of refactor? (i.e. use library instead of hand-rolled OAuth implementation)
• We may also want to cleanup the configuration.
• I suppose we can drop access key entirely now.

from skygear-server.

Do we want to cleanup the core packages and remove irrelevant stuff/merge into auth package/new repo?

Sure!

Do we want to do #1433 as part of refactor? (i.e. use library instead of hand-rolled OAuth implementation)

As long as we have time. So this is not of our first priority.

We may also want to cleanup the configuration.

For example?

I suppose we can drop access key entirely now.

We still have the concept of client ID

from skygear-server.

We may also want to cleanup the configuration.

• double api_version in app_config?
• app_id should not be needed.
• flatten app_config?
• template configuration need rework?
• do we refactor the secrets out of config now?
• no need OAuth scopes?

We still have the concept of client ID

Yes we do have it, but we can stop accepting it through the access key header, thus removing the concept of access key entirely.

from skygear-server.

double api_version in app_config?

Can remove them entirely.

app_id should not be needed.

Should be OK.

flatten app_config?
template configuration need rework?

I am fine with it.

do we refactor the secrets out of config now?

Good idea. But we may not have time to do secret management in this sprint. What temporary solution do we have? Load another file?

from skygear-server.

Maybe just start a new one instead of moving skygeario/guides to authgear/docs?

from skygear-server.

• web UI remove webappstep & state, expose interaction.StepState directly
• merge web UI state with interaction flow state
• move web UI request decoding/redirection to handlers
  • so add route is copy/paste a single file and change relevant places.
• use static singleton validator per handler
  • directly use global variable in handler.
• remove msgpack
• delete app_id, use constant in single tenant mode, use tenant key in multi-tenant mode
• move translation to a file in handlers/webapp
  • share by all handlers
• refactor render provider: a set of helper functions
• all form should novalidate, don't use html5 validation
• request validation is moved to interaction flow, use JSON schema, inject context (details) into error in flows.

from skygear-server.

• webapp static asset self-host (no CDN provided)
• static asset pack into output binary (packr?)
• development workflow: use parcel to watch & compile assets?

from skygear-server.