Decentralized user profiles
An user account should be enriched by profile data, e.g. email address, nickname, short-bio, avatar. The profile data should be stored decentralized depending on authorization method, e.g. if LDAP authorization is used the profile data should be stored in LDAP as well. DM Core should provide implementers of authorization methods an API to fetch/store profile data.
DM platform API extension:
The platform will provide basically generic fetchUserProfile
and storeUserProfile
methods. They will run in the context of the authorized user. A user profile is just a Map
, so that it's content is extensible by application authors. The platform will predefine 4 keys with dedicated semantics, e.g.
dmx.accesscontrol.email_address
dmx.accesscontrol.nickname
dmx.accesscontrol.short_bio
dmx.accesscontrol.avatar
AuthorizationMethod
interface extension:
The implementer of an authorization method will define the fetchUserProfile
and storeUserProfile
methods in the specific way (e.g. for LDAP). The platform will delegate the generic fetchUserProfile
and storeUserProfile
calls to the specific auth method the current user is logged with.
Implementation detail:
The Core will store the AuthorizationMethod
instance used for login in the session, so it can do the delegation.