Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement Lua and Rust clients #1526

Open
yonas opened this issue Aug 29, 2024 · 1 comment
Open

Implement Lua and Rust clients #1526

yonas opened this issue Aug 29, 2024 · 1 comment
Assignees
Labels
feature request New feature or request

Comments

@yonas
Copy link

yonas commented Aug 29, 2024

Rust is increasingly popular choice for extremely fast and memory safe programs.

Lua is an easy to use scripting language similar to Javascript. It's often chosen for use in embedded systems. With https://github.com/openresty/lua-nginx-module , you could use permify to control web server permissions.

@yonas yonas added the feature request New feature or request label Aug 29, 2024
@tolgaOzen tolgaOzen moved this to Q4 2024 – Oct-Dec in Public Roadmap Sep 13, 2024
@polarathene
Copy link

HAProxy also offers lua support IIRC.

Traefik and Caddy also have some features that could probably integrate in a similar manner (either via standard config like basicauth (Caddy, Traefik) for getting the user via header and forward_auth (Caddy, Traefik) to query Permify, or perhaps as a separate plugin/module).

While Forward Auth can be used to delegate to another service that authenticates with SSO, that same service may lack in control/flexibility of managing permissions but the response can provide relevant auth headers associated to the authenticated user (eg: Authelia, AuthCrunch / caddy-security) and their groups/claims/role which another request could then be forwarded to Permify for an authorization check.

I personally like Caddy (and Caddy Docker Proxy) for it's simplicity with Caddyfile, but Traefik is also quite popular with the label annotation feature for configuring routing to service containers. Perhaps these would compliment the existing guides that already encourage using a container for Permify?

Compared to a specific application integration, the user would be able to manage the checks at the routing level prior to a request being forwarded by the reverse proxy to a service or API? Might benefit adoption / awareness of Permify further that way, which may further encourage adoption in downstream services? (in other scenarios it makes more sense for the application / service itself to perform checks with Permify, but for routing access based on identity that could be done at the reverse proxy level)

If instead going the custom plugin route, some references might be Souin and Sablier. Both are Go based with various reverse proxy and other integrations.


Also would be good to see a rust client 😎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature request New feature or request
Projects
Status: Future
Development

No branches or pull requests

4 participants