21371dbd1b
Introduce a new endpoint, /jwks, which returns a JSON Web Key Set (JWKS). This set of public crypto keys will be used by external parties to encrypt data intended for our backend. In the context of the resource server, this key will be used by the authorization server to encrypt the introspection response. The current implementation exposes a single public key, with the private key configurable in the app settings. The private key is represented as a string. For enhanced security, we might prefer to store this data in a .pem file excluded from version control. A few parameters for this key, such as its type and encoding, are configurable in the settings. A critique of the current design is its lack of extensibility. If we decide to offer more than one encryption method, this view will require refactoring. Additionally, the current implementation is tightly coupled with joserfc. This lays the foundation for further improvements. Please note, this endpoint only public components of the key, there is no chance for any secret leaking.
People
People is an application to handle users and teams.
As of today, this project is not yet ready for production. Expect breaking changes.
People is built on top of Django Rest Framework.
Getting started
Prerequisite
Make sure you have a recent version of Docker and Docker Compose installed on your laptop:
$ docker -v
Docker version 20.10.2, build 2291f61
$ docker compose -v
docker compose version 1.27.4, build 40524192
⚠️ You may need to run the following commands with
sudobut this can be avoided by assigning your user to thedockergroup.
Project bootstrap
The easiest way to start working on the project is to use GNU Make:
$ make bootstrap
This command builds the app container, installs dependencies, performs
database migrations and compile translations. It's a good idea to use this
command each time you are pulling code from the project repository to avoid
dependency-related or migration-related issues.
Your Docker services should now be up and running 🎉
Note that if you need to run them afterward, you can use the eponym Make rule:
$ make run
Adding content
You can create a basic demo site by running:
$ make demo
Finally, you can check all available Make rules using:
$ make help
Django admin
You can access the Django admin site at http://localhost:8071/admin.
You first need to create a superuser account:
$ make superuser
You can then login with sub admin and password admin.
Run frontend
Run the front with:
$ make run-front-desk
Then access at http://localhost:3000
user: people
password: people
Contributing
This project is intended to be community-driven, so please, do not hesitate to get in touch if you have any question related to our implementation or design decisions.
License
This work is released under the MIT License (see LICENSE).