top | item 37894985

(no title)

dvasdekis | 2 years ago

I was interested in how you do authentication, but currently the 'Omni_web' link & readme is missing. Suggest you could use the pgjwt[0] approach for this for simple logins in the short term, but supporting OpenID Connect would be a larger engineering effort.

[0] https://github.com/michelp/pgjwt

discuss

yrashk|2 years ago

The current approach employed by Omnigres users is good old sessions (since latency to the database is non-existent) and omni_txn's transactional variables (https://docs.omnigres.org/omni_txn/variables/) to store session-related data.

This way we don't need to handle the difficult parts of JWT (forced expiration, etc.) and the mental model becomes rather simple.

dvasdekis|2 years ago

Also forgot to say, love the project and love the objectives! Allowing Postgres to do it all means so much from a server management perspective - imagine not having to manage any redundancy/performance/analysis outside of the health of the Postgres box - fantastic :)

yrashk|2 years ago

Thank you for your kind words! The original dream was indeed a "one box" approach, even when they scale horizontally and to the edge. Perhaps a more accurate depiction of this is a "unified interface".