[federation] subscribe/authorize logic
Note: this meta ticket will probably be splitted in sub tickets.
At first, music catalog federation will be opt-in, meaning instance A will ask instance B to get access to its catalog. Instance B will accept or deny instance A request. In case of accept, a token/key/whatever will be send to instance A to give it access to instance B API and catalog.
To achieve that, we need:
- A model to store Instances (name, url, first_seen date)
- A token model (instance, token_value, valid_until, etc.)
- A federation request model (instance, creation_date, status), with a constraint to ensure we don't have more than one open request per instance
- A federation setting (probably a preference) to allow instance owner to enable or disable federation requests
- A federation request endpoint for creating/updating requests
- The logic to send the token to the accepted instance. In fact, it looks like a private/public key combined with signing HTTP requests is the way to handle this problem, according to https://www.w3.org/wiki/SocialCG/ActivityPub/Authentication_Authorization
- A front-end view to list/accept/deny federation requests
- A front-end view to list/revoke federation tokens
Edited by Agate