Framework for Advanced Authentication

[samyfodil]

Currently, our authentication relies solely on a provider (GitHub). We need to develop a framework to support more advanced authentication methods.

Proposal:
By default, a newly created cloud instance will be restricted and will not permit any authentication.

Core Features:

• Implement p2p endpoints for use with taucorder.
• Restrict users based on username, ID, or any other accessible attributes.
• Support for:
  • Starlark (https://github.com/google/starlark-go) - To be implemented first.
  • URL-based - Implemented next.
  • VM-based (supporting Wasm and other languages) - These will offer access to key-value storage and other features, requiring a predefined project (zero or nil) to be used universally. Implemented last.

Considerations:

• Should the implementation follow a specific order, or should components execute in parallel?

Authentication Process:
When an authentication request is made, the authentication node will verify the correct workflow against the key-value database.

[todd-alex]

I second the exact steps of implementation in the order you have placed them. Starlark will be the easiest to implement, I assume. This will give us the ability to secure networks as we are used to in dev with env variables. Simply being able to explicitly define restriction by email domain or github email(s) would provide us what we need.

Seems like a sound implementation order otherwise.

[samyfodil]

@todd-alex main components have been merged.

[jacks429]

have you seen cloud wasm https://wasmcloud.com?

[samyfodil]

Yes. I know of wasmcloud. What's the relation?