User authentication

[skitterm]

Description

As a user, I need to be able to log in and out of the application so that my information stays private to the members of the conversation.

Tasks

• Quickly research authentication methods with OAuth (authorization code?)
• Research protecting API, data against unauthenticated users
• Quickly research authentication providers
• Create simple sign-in page
• Create landing page
• Create OAuth redirect page
• Can sign out from header
• Messages, rooms, users API endpoints are authentication-protected
• Web sockets are auth-protected

Acceptance criteria

• User can stay signed-in for (n) length of time
• Access expires after (n) length of time
• Can sign in to app
• "Sign out" displayed on header
• Clicking "sign out" on header signs me out fully
• Signed-out users cannot view or search for channels or members
• User A cannot access direct threads between User B and another member
• (if feasible) App can only be accessed over HTTPS
• Only participants in room can see room or its messages
• Only logged-in users can see rooms or messages