timuntersberger / keycape Goto Github PK

Currently we try to create every entity defined and log when a unique value already exists.

But what if you only changed the scopes of an account. Currently it doesnt update the entity in the db.

Frontpage needs three marketing points.
my ideas:

• one config file
• open source
• docker

Support either accesstoken or refreshtoken invalidation (most likely by using a blacklist in redis)

Currently the only way of knowing what error got returned is by comparing the error message. This is very inefficient for the user and error prone.

Create a unique error code for each error message that gets propagated back to the user.

Don't forget to document all of the codes!

change from using ts-node to a proper build process

Add following validations before persisting the entities:

• Name has to be unique
• Referncing a role or privilege that doesn't exist is not possible

The mikro orm migrator up function always tries to do every migration.

Somehow only do the migrations once.

scope values are validated but not used.

• Account
  • create one
  • get one
  • get all
  • update one
  • delete one
  • get role
  • get oauth2connections
• Role
  • create one
  • get one
  • get all
  • update one
  • delete one
  • get privileges
  • add privilege
  • remove privilege
• Privilege
  • create one
  • get one
  • get all
  • update one
  • delete one

Rename Privilege to Scope (To align more to the oauth2 spec)

Currently the refresh token is hard coded to 7d.
There is no way to change this as a user of keycape without forking the repo.

Make it configurable

Currently the forgot password token is hard coded to 10 minutes.
There is no way to change this as a user of keycape without forking the repo.

Make it configurable

Currently when someone uses an already registered provider account to signup the program just crashes.

Think about the current accesstoken payload. Maybe we should only send the id of the account instead of the whole account.

Currently it is only possible to connect an account with a provider by signing in with that provider.

It would be awesome if you could add a provider to an existing account.

Currently not all errors are handled probably or propagated back to the user.

Currently the access token is hard coded to 15 minutes.
There is no way to change this as a user of keycape without forking the repo.

Make it configurable

• - connect google
  • - create a google application
  • - find google id and secret
• - connect github
  • - create a github application
  • - find github id and secret
• - describe api