add a fake login page with stub where a supercomputing site could add a call to their own authentication service and return success or failure. For now it can just always return success and log people into a superuser identity/role, because we are in a friendly user mode now. In the longer run, users must authenticate to an identity on the supercomputer whose jobs we will see, unless they are a superuser. In general, we should not write any authentication code ourselves -- use existing libraries/services. Find one that sanitizes the username input, and possibly the password.
add a fake login page with stub where a supercomputing site could add a call to their own authentication service and return success or failure. For now it can just always return success and log people into a superuser identity/role, because we are in a friendly user mode now. In the longer run, users must authenticate to an identity on the supercomputer whose jobs we will see, unless they are a superuser. In general, we should not write any authentication code ourselves -- use existing libraries/services. Find one that sanitizes the username input, and possibly the password.