When fpm serve
is running with on remote, it needs to get all the identities of the user who is currently making the HTTP request to decide if the user has access or not.
Note: We know if fpm serve
is running in remote if remote
cargo feature is enabled.
On local, for testing, fpm will find the user (who is making the http request) identities via a cookie named identities
. But this is not secure as end user can modify the cookies.
On remote, we will have a cookie named sid
(session id). If the cookie is present, fpm
will make a HTTP request to identity service to fetch the identity.
Identity service is responsible for logging user in, and managing all the identities of the user. FPM and identity service communicates via the sid
cookie.
TODO: fpm
will find the URL of identity service using FPM_IDENTITY
environment variable.
FPM will call /get-identities/
API on identity service
, which will return the list of identities.
/get-identities/?sid=<sid>&github=abrarnitk
{ "user-identities": [ { "email": "yo@y.com" }, { "github": "abrarnitk" } ] }
fpm
gets the identities of user corresponding to current HTTP request, it will then look at user group
definitions in FPM.ftd and find all the groups the the current user belongs to.-- import: fpm -- fpm.package: amitu.com -- fpm.user-group: FifthTry People id: fifthtry-people email: yo@y.com github-team: FifthTry/everyone
Then based on email: yo@y.com
, we know the user belongs to fifthtry-people
group. The other identity, github: foo
did not match any groups. The maker of http request belongs to only one group.
Now we will look at the sitemap, find the readers
of the current URL that is requested. If the user belongs to a group that has read access to current URL the user can read it, else fpm will return 401.
sid
sid
cookie and the identity stuff is only needed to see if a private URL is readable by the specific user making request. If the URL is public, readable by the world, then there is no need to do any checks.