Hacker News new | past | comments | ask | show | jobs | submit login

It looks like they have an identity provider, so this must support authentication. Link: https://github.com/orbitdb/orbit-db-identity-provider

What I'd like to know is do they support authorization?




Hey thanks for taking a look at this. We support identity providers (the one you linked), and access controllers.[1]

Identity providers work by cross-signing an external keypair with the generated OrbitDB key-pairs, and access controllers generally work by exposing a `canAppend` function that facilitates any kind of auth you want to perform. There's support for Metamask for example. OrbitDB is also used _in_ Metamask under the hood by our good friends at 3box.[2]

TallyLab, my application project, uses these in its IAM system and you can see the repos here.[3]

1. https://github.com/orbitdb/orbit-db-access-controllers 2. https://3box.io/ 3. https://github.com/tallylab


Yup. You can actually extend the Access Control to create your own custom authentication/authorization methods.

So, basically you can have any sort of Web 2.0 or Web 3,0 based authentication/authorization methods. Oauth, JWT, DIDs...anything you can imagine.

Link to Access Controller: https://github.com/orbitdb/orbit-db-access-controllers#creat...


I believe it generates a pub/priv key pair and stores it in localstorage.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: