monicahq/monica

Support logging in with an OAuth2 provider

Open

#1,154 opened on Apr 12, 2018

View on GitHub
 (14 comments) (27 reactions) (0 assignees)PHP (2,464 forks)batch import
feature requesthelp wantedsecurity

Repository metrics

Stars
 (24,641 stars)
PR merge metrics
 (No merged PRs in 30d)

Description

A rephrasing of the now-closed #558. And a reincarnation of #39.

As a user, I would like to be able to log in with a 3rd-party identity provider and not have to maintain yet another username and password credential pair.

This is probably only going to be useful for self-hosted installations -- they can decide who they trust. For the publicly hosted version, I don't know of many OAuth2 providers that has broad community trust. (Mozilla's Firefox Accounts maybe? I don't even know if 3rd parties can use it. Gitlab and/or Github as well?)

If support is implemented in a generic fashion, then users can spin up their own OAuth2 providers (RedHat's KeyCloak, a self-hosted Gitlab instance, there are many other projects.) and trust those.

Contributor guide