I programmed a web app a couple of years ago that I would love to move from a traditional hosting provider over to the ThreeFold Grid. In this process I want to rework some of the source code and overall system architecture to do as much as possible in the “ThreeFold way”.
I’ve been able to successfully use TF-Connect to login to an owncloud instance that I deployed on testnet. So there certainly seems to be a working interface for user authentication on TF Connect.
Now I’d love to implement TF-Connect authentication for my own web app.
Is there any up to date documentation that I can use as guidance on the topic?
Furthermore I’d love users of my web app to be in full control of any user data that is created when they are using my web app. I believe the concept of a digital twin is what can help with this. I am unsure whether or not the concept of a digital twin is mature enough to be implemented for production applications right now. I see two different ways that securing user data could potentially be implemented:
User data is directly stored within the data storage of each digital twin that signed up to my app, limiting any access for myself (the developer) or third parties
User data is stored in a centralized/distributed database (hosted on the TF Grid), but encrypted by means such that only the user authenticated via TF Connect is able to decrypt his own user data locally on his device, without relying on additional passwords.
I hope to be able to find time to work on all this over the holiday season, so any tips guides and references on how I might be able to achieve those two goals are highly appreciated. If I am able to get it done I will take down my current deployment and educate my (very small) user base how they can keep using my app the “ThreeFold way”.