- 
                Notifications
    You must be signed in to change notification settings 
- Fork 14
Description
Small Intro to Glee
Glee is an innovative spec-first framework that empowers developers to build high-performing server-side applications with ease. By allowing users to focus on the business logic of their applications, Glee takes care of the critical aspects of performance, scalability, and resilience, making it an ideal solution for complex production environments. As of now glee supports multiple protocols like websocket, mqtt, kafka and soon HTTP.
Problem Statement
In particular, Glee allows users to create WebSocket servers, which necessitates the implementation of secure and reliable authentication and authorization mechanisms. This ensures that only authorized parties can access and use the WebSocket servers, thereby enhancing the overall security and privacy of the communication channels.
Proposed Solution
By providing users with the tools to develop customized authentication and authorization procedures, Glee would enables them to tailor their servers to their specific needs, ensuring that they meet the highest standards of security and reliability.
We need to support the commonly used methods of authentication that are supported by websocket servers. In general we need to have support for
- Basic Authentication: This is a simple and widely supported authentication mechanism that uses a username and password to authenticate clients. The client sends the username and password in the HTTP header during the WebSocket handshake, and the server verifies it before establishing the WebSocket connection.
- Token-Based Authentication: This is a popular authentication mechanism that uses tokens or access keys to authenticate clients. The client sends the token in the HTTP header during the WebSocket handshake, and the server verifies it before establishing the WebSocket connection.
- OAuth 2.0: This is a widely used authentication and authorization framework that enables clients to obtain access tokens to access protected resources. The client sends the access token in the HTTP header during the WebSocket handshake, and the server verifies it before establishing the WebSocket connection.
- Mutual TLS Authentication: This is a strong authentication mechanism that uses TLS certificates to authenticate clients. The client sends a client certificate during the WebSocket handshake, and the server verifies it before establishing the WebSocket connection.
Mentors:
@Souvikns @KhudaDad414
Project Repo
https://github.com/asyncapi/glee
Expected Difficulty:
Easy-Medium
Expected Time Commitment:
175 Hour
Technical skills requried
Typescript, nodejs, websocket, EDA basics