Identify
At the moment this project just serves as a platform for me to learn about auth
systems. Feel free to submit issues but I'm not quite ready for pull requests.
Use at your own risk, this code is far from being production ready.
Identity authentication and authorization service. Identify provides a secure
interface for authenticating one's identity and provides token-based
authorization for other services.
Setup and Installation
make
sudo make install
Quickstart
Create an identity
Before starting Identify as a service, you must create an identity.
$ identify new identity
> Enter passphrase:
> Administrative identity created xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Generate a self-signed certificate
Identify's web server will only host over HTTPS which requires certificates to
be provided for the server's identity. While using a certificate from a
3rd-party authority is recommended for public-facing websites, Identify can
also generate self-signed certificates using the ECDSA key from an identity.
$ identify new certificate -id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
> Enter passphrase:
> Certificates written to ~/.identity/certificate.pem ~/.identity/key.pem
Start web server
With certificates in place, identify can listen for HTTPS traffic on port 8443.
An identity must be specified for the server to operate on-behalf-of. Tokens
generated by the server will be signed using the Ed25519 key for the given
identity.
$ identify listen -id=xxxxxxxx-xxxx--xxxx-xxxx-xxxxxxxxxxxx
> Enter passphrase:
> Identify listening for HTTPS traffic on 0.0.0.0:8443...
License
Identify Copyright (C) 2020 Alexei Broner
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.