Integrating with arbitrary user authentication systems

[jwarkentin]

It would be interesting and useful to be able to integrate with any user authentication system for any application that wants to use node-monkey. This may be possible by allowing users to be authorized through one or two different methods.

Method 1 Allow application to pass in user auth and permission data through the config when initializing. This is somewhat limited because it would require pre-loading all users into the config, even if there are a lot. Additionally, I don't know how password verification would work unless node-monkey just supported a lot of different password authentication schemes. This is likely not the approach to take.

Method 2 Allow the application to pass in an authorize callback which will be passed any credentials when a user desires to have access. It will also be given a callback which must be called with true|false indicating authorization and the list of commands the user has authorization to run, if true. This is likely the best approach and will be used unless something better comes to mind.

Note that any of the above authentication methods would likely only supplement any user accounts added via the official authentication mechanism built in to node-monkey.

Also, this system should play nicely with oauth. I'm not sure it would ever be a problem but it should be considered when developing it.