Here is the basic flow for authenticating a user.
Diziet : This app.
Vulgarian : The main (Masqt-controlled) server that handles authentication.
Firebase : Firebase, Google's cloud platform. We use Firebase Cloud Messaging to sync users' SMS messages.
Twilio : Twilio Our telephony provider. It also uses Firebase Cloud Messaging to send incoming call invites to devices, but uses its own authentication scheme.
Here's how things work when the user starts the app and isn't logged in. (This because they've never run the app before, or they've logged out, or they have an expired authentication token.)
- The user enters a username/password pair into a form and hits the submit button. Diziet sends this information to Vulgarian.
- Vulgarian checks the username and password and retrieves an authentication token. It sends the token back to Diziet in the response.
- Diziet, using the authentication token, requests a Firebase token from Vulgarian.
- Vulgarian identifies the user by their authentication token, acquires a Firebase token from Firebase, and sends the Firebase token back in the response to Diziet.
- Diziet uses the Firebase token to authenticate on Firebase.
- Diziet, using the authentication token, requests a Twilio token from Vulgarian.
- Vulgarian identifies the user by their authentication token, acquires a Twilio token, and sends this back to Diziet.
- Diziet, using the Twilio token, registers on Firebase to receive incoming call invites.
Things work almost the same as authenticating from scratch, but if we already have an authentication token for Vulgarian, we can skip to step 3.
TODO