- Rename the path from /configureAuthSession to /requestAuthSession
- Add a global getter/setter for the `ServiceDB` : this avoids cyclical deps
because now the Realm wants access to the database, and due to the factory
pattern it would mean `types.go` would need to import `database`, but
`database` is already doing so to invoke the factory function in `schema.go`.
- Modify how `AuthSession` is loaded/stored in the database. Now it is just
a blunt JSON store for Public fields. It is initialised via a new Realm
interface function `AuthSession(userID, realmID)` which is there to return
the right `struct` so stuff can be unmarshalled into it.
- Add a new Realm interface function `RequestAuthSession` which is invoked
when `/requestAuthSession` is hit. It is a direct request/response mapping,
a JSON blob goes in as a param, and a JSON blob comes out as the return.
The Realm is free to create/load/update/delete `AuthSessions` inside the
function. This allows better control over when new sessions are made (or
whether to return an existing session).
Auth sessions are a single auth process between a user and an auth realm. As
such, they are keyed off the tuple of `(user_id, realm_id)`.
Only the realm which they belong to knows how to construct them, hence all
"load" sections require an `AuthRealm` to be extracted first.
Currently I pass in a `json.RawMessage` rather than factory initialise and
clobber public fields based on the JSON, we can always change that if need be
later down the line.
Overall, this feels really nice (when starting to add in GH auth, everything I
wanted was already there in the right place waiting for me).
- These represent a place where a user can authenticate themselves.
- They function in the same way as Services (insert/update based on an HTTP API)
- They currently don't *do* a lot other than exist for storing realm-specific
information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
- Register them like we are with Services.
- Add `/configureAuth` endpoint to create/update auth.
- Move ThirdPartyAuth out of the database layer since they are passed as
params to `/admin/configureAuth`