Fediverse-based authentication (#1846)

* Able to authenticate user against IndieAuth. For #1273 * WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272 * Add migration to remove access tokens from user * Add authenticated bool to user for display purposes * Add indieauth modal and auth flair to display names. For #1273 * Validate URLs and display errors * Renames, cleanups * Handle relative auth endpoint paths. Add error handling for missing redirects. * Disallow using display names in use by registered users. Closes #1810 * Verify code verifier via code challenge on callback * Use relative path to authorization_endpoint * Post-rebase fixes * Use a timestamp instead of a bool for authenticated * Propertly handle and display error in modal * Use auth'ed timestamp to derive authenticated flag to display in chat * Fediverse chat auth via OTP * Increase validity time just in case * Add fediverse auth into auth modal * Text, validation, cleanup updates for fedi auth * Fix typo * Remove unused images * Remove unused file * Add chat display name to auth modal text
2022-04-22 17:23:14 -07:00
parent 8b7e2b945e
commit a082cf3a77
21 changed files with 855 additions and 81 deletions
--- a/webroot/js/components/auth-indieauth.js
+++ b/webroot/js/components/auth-indieauth.js
@@ -16,7 +16,7 @@ export default class IndieAuthForm extends Component {
  }

  async submitButtonPressed() {
-    const { accessToken, authenticated } = this.props;
+    const { accessToken } = this.props;
    const { host, valid } = this.state;

    if (!valid) {
@@ -68,17 +68,17 @@ export default class IndieAuthForm extends Component {

  render() {
    const { errorMessage, loading, host, valid } = this.state;
-    const { authenticated } = this.props;
+    const { authenticated, username } = this.props;
    const buttonState = valid ? '' : 'cursor-not-allowed opacity-50';
    const loaderStyle = loading ? 'flex' : 'none';

    const message = !authenticated
-      ? `While you can chat completely anonymously you can also add
-  authentication so you can rejoin with the same chat persona from any
-  device or browser.`
+      ? html`Use your own domain to authenticate ${' '}
+          <span class="font-bold">${username}</span> or login as a previously
+          ${' '} authenticated chat user using IndieAuth.`
      : html`<span
          ><b>You are already authenticated</b>. However, you can add other
-          external sites or log in as a different user.</span
+          domains or log in as a different user.</span
        >`;

    let errorMessageText = errorMessage;
@@ -134,7 +134,7 @@ export default class IndieAuthForm extends Component {
      <p class="mt-4">
        <details>
          <summary class="cursor-pointer">
-            Learn more about <span class="text-blue-500">IndieAuth</span>
+            Learn more about using IndieAuth to authenticate with chat.
          </summary>
          <div class="inline">
            <p class="mt-4">
@@ -153,11 +153,6 @@ export default class IndieAuthForm extends Component {
        </details>
      </p>

-      <p class="mt-4">
-        <b>Note:</b> This is for authentication purposes only, and no personal
-        information will be accessed or stored.
-      </p>
-
      <div
        id="follow-loading-spinner-container"
        style="display: ${loaderStyle}"