As web developers, we're pretty used to handling forms-based authentication schemes. More or less, we're pretty familiar with handling the libraries which provide this functionality for us. On the other hand, as we move into a larger and broader Internet framework we are needing to support more and more auth types (OAuth, token schemes, HMAC, etc).
Seeing the discussion in this PR - we should take some time to research, document and standardize our approaches to these problems.
As web developers, we're pretty used to handling forms-based authentication schemes. More or less, we're pretty familiar with handling the libraries which provide this functionality for us. On the other hand, as we move into a larger and broader Internet framework we are needing to support more and more auth types (OAuth, token schemes, HMAC, etc).
Seeing the discussion in this PR - we should take some time to research, document and standardize our approaches to these problems.