@@ -87,8 +87,97 @@ For details about the development server, please refer to the project's [README]
The asset management system includes a garbage collector, accessible via the endpoint `/garbage_collector`. This mechanism is designed to reclaim storage capacity by periodically purging unreferenced assets. Integrating the garbage collector into a routine cron job schedule can optimise server storage utilisation.
## Authentication Services
## Authentication via Third-Party Services
This section explains how to generate client IDs and client secrets for Google, GitLab, and GitHub to enable user authentication within your application. This project utilises OAuth and Authlib to facilitate secure authentication through these popular third-party services.
### OAuth and Authlib
***OAuth:** An open standard for authorization that allows users to grant third-party applications access to their protected resources without sharing their credentials.
***Authlib:** A Python library that simplifies the implementation of OAuth and OpenID Connect providers and clients.
### Generating Client IDs and Client Secrets
#### Google
1.**Create a Project:**
* Go to the [Google Cloud Console](https://console.cloud.google.com/).
* Select "Web application" as the application type.
* Provide a name for your OAuth client.
* Set the "Authorized JavaScript origins" to your application's domain (e.g., `http://localhost:5000`).
* Set the "Authorized redirect URIs" to your application's OAuth callback URL (e.g., `http://localhost:5000/callback`).
* Click "Create".
4.**Obtain Client ID and Client Secret:**
* The newly created OAuth client ID and client secret will be displayed.
* Copy these values and add them to your `.env` file:
```
GOOGLE_CLIENT_ID=your_client_id
GOOGLE_CLIENT_SECRET=your_client_secret
```
#### GitLab
1.**Create an Application:**
* Go to your GitLab project or group settings.
* Navigate to "Applications" under "Settings".
* Click "New application".
2.**Configure Application:**
* Provide a name for your application.
* Set the "Redirect URI" to your application's OAuth callback URL (e.g., `http://localhost:5000/callback`).
* Select the necessary scopes (e.g., `read_user`).
* Click "Save application".
3.**Obtain Application ID and Secret:**
* The newly created application ID and secret will be displayed.
* Copy these values and add them to your `.env` file:
```
GITLAB_CLIENT_ID=your_application_id
GITLAB_CLIENT_SECRET=your_secret
```
#### GitHub
1.**Create an OAuth App:**
* Go to your GitHub account settings.
* Navigate to "Developer settings" -> "OAuth Apps".
* Click "New OAuth App".
2.**Configure OAuth App:**
* Provide a name for your application.
* Set the "Homepage URL" to your application's domain (e.g., `http://localhost:5000`).
* Set the "Authorization callback URL" to your application's OAuth callback URL (e.g., `http://localhost:5000/callback`).
* Click "Register application".
3.**Obtain Client ID and Client Secret:**
* The newly created client ID and client secret will be displayed.
* Copy these values and add them to your `.env` file:
```
GITHUB_CLIENT_ID=your_client_id
GITHUB_CLIENT_SECRET=your_client_secret
```
### Enabling Authentication
Once you have obtained the client IDs and client secrets, enable the desired authentication methods in your `.env` file by setting the corresponding values to `1`:
```
AUTH_GOOGLE=1
AUTH_GITLAB=1
AUTH_GITHUB=1
```
**Remember:** Keep your client secrets confidential and never expose them in client-side code or public repositories.
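Review bot: the Google instructions jump from step 1 to step 4, and the bullets listed under "Create a Project" (choosing "Web application", naming the OAuth client, setting origins and redirect URIs) describe creating credentials rather than a project, so the intermediate steps appear to be missing and should be restored and numbered like the GitLab and GitHub lists. All three providers use the same `http://localhost:5000/callback` example; please state that this is a development value, that a deployed instance should register its exact HTTPS callback URL with each provider, and whether one callback route really serves all three. The closing reminder about client secrets would be more actionable if it told the reader to keep `.env` out of version control, since every step above ends by writing a secret into that file. If both "## Authentication Services" and "## Authentication via Third-Party Services" are meant to stay, the first is an empty section and one of them should be dropped.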