In order to be able to manage your account settings from a front-end, it would obviously be useful not having to send a user’s LDAP password with every HTTP request.
I had a quick look, and it seems to me like passport.js with passport-ldapauth is a popular choice.
However, as we also have to use plain LDAP/ldapjs in order to change account data from the API anyway, I’m not sure if a different library is necessary for the authentication.
In the last weekly call I elaborated on my current thoughts about the whole signup and accounts management architecture, and how I came to the conclusion that only having a single app and integrated front-end was a better path forward than spreading things out over the API and various different front-ends (as the current prototype does). I also outlined some ideas for how an external signup can (hopefully) be integrated seamlessly into the Hyperchannel onboarding process.
Since then, I have created a new Rails app, simply called Akkounts, and I’ve made some good progress so far:
In fact, it’s almost ready to be deployed for existing users, so they can reset their passwords for example. But there’s zero design/CSS at this point, and there are some other things left to do as well. However, all in all, I’m pretty confident that we can deploy this before next week’s call already.