-
-
Notifications
You must be signed in to change notification settings - Fork 709
User Authentication
A Sandstorm app delegates authentication to the Sandstorm platform. This page documents the details.
Many apps on Sandstorm expect to receive HTTP requests. To support those apps, Sandstorm provides a tool called sandstorm-http-bridge.
Developers should know that when their app is running, they are receiving HTTP requests from sandstorm-http-bridge rather than directly from the user. This results in a few interesting properties:
-
Sandstorm knows which user is making the request, so it can add headers indicating the username ("authentication").
-
Sandstorm knows which permissions the user has -- for example, it knows if the user owns this grain -- so it can add headers indicating what permissions the user has ("authorization").
-
When your app receives HTTP requests,
sandstorm-http-bridgehas normalized them, so your app doesn't have to handle whatever dialect of non-compliant HTTP the user's browser is speaking.
Per the current implementation of sandstorm-http-bridge, an app receives the following headers related to user identity and permissions:
-
X-Sandstorm-Username: This is set to the user's full name, in percent-encoded UTF-8. For example, the username"Kurt Friedrich Gödel"will appear as"Kurt%20Friedrich%20G%C3%B6del". For anonymous users, this header will simply contain "Anonymous%20User". -
X-Sandstorm-User-Id: If the user is logged in, this is set to the user's current user ID, which is the first 128 bits of a SHA-256. For example:0ba26e59c64ec75dedbc11679f267a40. This header is not sent at all for anonymous users. -
X-Sandstorm-Permissions: This contains a list of the permissions held by the current user. Permissions are defined in the package'ssandstorm-pkgdef.capnp. The grain's owner holds every permission and can use the "Share" button to authorize other users.
It is possible to write a Sandstorm app that does not use sandstorm-http-bridge! We provide sample code for that in the sandstorm-rawapi-example repository on GitHub.
You might be interested in looking at:
- A sandstorm-pkgdef.capnp with no permissions defined.
- A sandstorm-pkgdef.capnp with one permission defined.
- The implementation of sandstorm-http-bridge.