[RFC] - Single Sign-on for Multiple Linodes

Created: 2007-01-24 8:30PM
Updated: 2007-01-24 10:23PM

Here's a snippet of the current Linode DB schema (in pseudocode-esque):

== Customer Table ==
Customer.CustomerID (pk)
Customer.FirstName
Customer.LastName
... and so on

== Linode Table ==
Linode.LinodeID (pk)
Linode.CustomerID (fk)
Linode.username
Linode.password
... and so on

I made an oversight back in the day when designing the Linode schema in this manner that's caused some confusion -- especially now since we have a lot of nice features that work for linked Linodes (think of linked Linodes as a number of Linode records under one Customer record). Linked Linodes end up having a username and password for each Linode, however that's counter-intuitive.

What I'd like to do is to create username and password fields under the Customer table.

** What would Linode.com authenticate against?
It would use Customer.username and Customer.password, rather than the Linode table's fields.

** How would this work for new Customers?
New accounts would sign up like normal, just that their username and password would be saved in their customer record. The Linode.username would be generated (and possibly provided, but only for advanced use -- see below).

** How would this work for existing Customers with just one Linode?
I'd move their Linode.username and Linode.password data into the Customer table.

** How would this work for existing Customers with Linked Linodes?
Upon first login after this is deployed, either give them the opportunity to choose a new username and password for the website, or allow them to select from their existing username/pass combos, or maybe just use the one they logged in as.

** What about the user/pass fields in the Linode table?
Each Linode account would still have a unique username on its host. For existing Linodes it would just be the Linode's original username. For new Linodes, it would be generated using some internal formula.

** And what becomes of Lish now that we may not know what the Linode.username ended up being?
There's been some talk between us at Linode about creating a console server -- for example console.linode.com, that everyone connects to and gets a menu system for accessing *all* their Linode accounts -- or perhaps one single screen session with multiple windows, one window per Linode. console.linode.com would be authenticated against your NEW single user/pass combo (the one on the Customer record). Existing users may actually have scripted actions that depend on the existing Lish way of working, so that wouldn't change.

** WHY?
The entire point of this is so that there's ONE single user/pass you need to remember for each "set" of Linodes you administer.
- It makes it possible to change your login username easily, since it's not tied to actual user accounts on our host servers, etc.
- Could now reference individual Linode accounts in the LPM with some type of label that you guys provide, rather than the username itself.
- Opens the doors for other cool site features, since it would be possible to have a Customer record without any actual Linodes.
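The migration the questions above describe, worked through as an added example (not Linode's code): single-Linode customers get their credentials copied up to the Customer table, linked-Linode customers are flagged to pick a site login on first visit, and site authentication then checks only the Customer record. The `needs_login_choice` column, the helper names and the sample rows are assumptions for this illustration.

```python
import sqlite3
# Tables follow the RFC's pseudo-schema; needs_login_choice and the helper names
# are assumptions made for this example, not Linode's actual columns.
SCHEMA = """
CREATE TABLE Customer (CustomerID INTEGER PRIMARY KEY, FirstName TEXT, LastName TEXT,
    username TEXT UNIQUE, password TEXT, needs_login_choice INTEGER NOT NULL DEFAULT 0);
CREATE TABLE Linode (LinodeID INTEGER PRIMARY KEY, CustomerID INTEGER NOT NULL,
    username TEXT UNIQUE NOT NULL, password TEXT NOT NULL);
"""
N_LINODES = "(SELECT COUNT(*) FROM Linode l WHERE l.CustomerID = Customer.CustomerID)"
def build_db():
    """Constructed sample data: customer 1 owns one Linode, customer 2 owns two linked
    Linodes. Plaintext only mirrors the post's schema; a real migration copies hashes."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO Customer (CustomerID, FirstName, LastName) VALUES (?,?,?)",
                     [(1, "Alice", "A"), (2, "Bob", "B")])
    conn.executemany("INSERT INTO Linode VALUES (?,?,?,?)", [(1, 1, "alice", "pw-alice"),
                     (2, 2, "bob1", "pw-bob1"), (3, 2, "bob2", "pw-bob2")])
    return conn
def migrate(conn):
    """Single-Linode customers: copy the Linode's user/pass up to Customer.
    Linked-Linode customers: flag them to choose a site login on first visit."""
    conn.execute(f"""UPDATE Customer SET
        username = (SELECT username FROM Linode l WHERE l.CustomerID = Customer.CustomerID),
        password = (SELECT password FROM Linode l WHERE l.CustomerID = Customer.CustomerID)
        WHERE {N_LINODES} = 1""")
    conn.execute(f"UPDATE Customer SET needs_login_choice = 1 WHERE {N_LINODES} > 1")
    conn.commit()
def site_authenticate(conn, username, password):
    """Returns (CustomerID, needs_choice) or None. Only Customer.username/password grants
    site access; a Linode-table match is honoured just for linked customers still choosing."""
    row = conn.execute("SELECT CustomerID FROM Customer WHERE username=? AND password=?",
                       (username, password)).fetchone()
    if row:
        return row[0], False
    row = conn.execute("SELECT c.CustomerID FROM Linode l JOIN Customer c ON l.CustomerID=c.CustomerID"
                       " WHERE l.username=? AND l.password=? AND c.needs_login_choice=1",
                       (username, password)).fetchone()
    return (row[0], True) if row else None
def pick_site_login(conn, customer_id, linode_username):
    """A linked customer adopts one of their existing Linode user/pass combos as the site login."""
    row = conn.execute("SELECT username, password FROM Linode WHERE CustomerID=? AND username=?",
                       (customer_id, linode_username)).fetchone()
    if row is None:
        raise ValueError("that Linode login does not belong to this customer")
    conn.execute("UPDATE Customer SET username=?, password=?, needs_login_choice=0 WHERE CustomerID=?",
                 (row[0], row[1], customer_id))
    conn.commit()
```

Note that the Linode rows keep their own username/password throughout, matching the post's point that host-side Lish logins are unaffected.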