Galène videoconferencing server discussion list archives
From: "Toke Høiland-Jørgensen" <toke@toke.dk>
To: Juliusz Chroboczek <jch@irif.fr>
Cc: "Michael Ströder" <michael@stroeder.com>, galene@lists.galene.org
Subject: [Galene] Re: Is the passwd file still needed?
Date: Fri, 19 Feb 2021 14:01:36 +0100
Message-ID: <87zh00jjnz.fsf@toke.dk>
In-Reply-To: <87lfbk6x6w.wl-jch@irif.fr>

Juliusz Chroboczek <jch@irif.fr> writes:

>>>> With the new hashed-password syntax in group files, user credentials are
>>>> stored in the JSON for each group. But there's still a mention of a
>>>> passwd file in the README, but marked as 'optional' - is this still
>>>> needed?
>
>>> AFAICS it's simply used to protect the /stats page (with HTTP basic authc).
>
> Right.
>
>>>> And is there a way to specify hashed passwords in that file?
>
> This file's syntax is going to change, but I'm not quite sure how.  Right
> now, we're duplicating the same entry for a given user in all groups where
> they have a username; it would be good to be able to say
>
>   1. user "toke", has default password "foo";
>   2. user "toke" is Op in group A with his default password;
>   3. user "toke" is Presenter in group B with his default password;
>   4. user "toke" is Op in this whole set of groups with his default password.
>
> One possible solution would be to store default passwords in the "passwd"
> file, and use the default password if "password" is not present (as
> opposed to being the empty string, which will have the same meaning as
> actually).  This doesn't solve point (4) above.

Well personally I can live without (4). The obvious answer that comes to
mind to implement it is user groups, though. So (video) groups could
delegate the op priv to a (user) group (of admins, say), and you'd only
need to add a user to that group.

Alternatively, make it up to any third-party administration interface to
provide the group abstraction and just keep the "list of users per
(video) group" that exists now, but move the passwords to a central file.

> Ideas welcome, even if they're not accompanied with patches. Please
> recall that Galène is meant to be easy to install and have minimal
> dependencies, so anything that relies on an external daemon (SQL) is
> out of the question; on the other hand, I'm open to solutions that are
> extensible to third-party authentication or delegation ("login with
> github") as long as they remain optional.

Well if you abstract out the password checking to a passwd file, it
would be fairly straightforward to add additional callbacks there, no?
I.e., Galene can ask third-party services to authenticate a user ID,
with the passwd file being the default?

This would likely also need a decoupling of user identifiers and display
names, as external services can use arbitrary IDs (but commonly, that's
just emails) that are not necessarily what users want to show up in the
user list...

-Toke
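
The fallback discussed in this message, sketched as an added example that is not part of the original e-mail and is not Galène's code: a group entry with no "password" key defers to a central passwd check, which is itself one pluggable callback. The `entry`, `Authenticator`, `passwdFile` and `authorize` names, the JSON shape and the sample data are all assumptions made for illustration.

```go
package main

import (
	"crypto/subtle"
	"encoding/json"
	"fmt"
)

// entry is a hypothetical group-file record; the pointer tells an absent
// "password" key (nil) apart from an explicit empty string.
type entry struct {
	Username string  `json:"username"`
	Password *string `json:"password"`
}

// Authenticator is a hypothetical callback; a third-party service could be one.
type Authenticator func(user, pass string) bool

// passwdFile models the central file (assumed shape: user -> default password).
// Plaintext keeps the sketch short; a real file would hold salted hashes.
type passwdFile map[string]string

func (p passwdFile) Check(user, pass string) bool {
	want, ok := p[user]
	return ok && subtle.ConstantTimeCompare([]byte(want), []byte(pass)) == 1
}

// authorize checks user against one role list taken from a group file.
func authorize(list []byte, user, pass string, fallback Authenticator) (bool, error) {
	var entries []entry
	if err := json.Unmarshal(list, &entries); err != nil {
		return false, err
	}
	for _, e := range entries {
		if e.Username != user {
			continue
		}
		if e.Password == nil { // key absent: defer to the central check
			return fallback(user, pass), nil
		}
		// Key present, even as "": the group's own value applies.
		return subtle.ConstantTimeCompare([]byte(*e.Password), []byte(pass)) == 1, nil
	}
	return false, nil // user not listed in this group
}

func main() {
	passwd := passwdFile{"toke": "foo"} // constructed sample data
	ops := []byte(`[{"username":"toke"},{"username":"jch","password":"bar"}]`)
	ok, err := authorize(ops, "toke", "foo", passwd.Check)
	fmt.Println(ok, err)
}
```

Decoding into `*string` rather than `string` is what keeps "not present" and "empty string" distinct; with a plain `string` field both would decode to `""`.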
