Skip to content

Create a polykey login command #408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tegefaulkes opened this issue May 16, 2025 · 5 comments
Open

Create a polykey login command #408

tegefaulkes opened this issue May 16, 2025 · 5 comments
Labels
development Standard development

Comments

@tegefaulkes
Copy link
Contributor

tegefaulkes commented May 16, 2025
edited
Loading

Specification

This command now falls under the new polykey auth subcommand.

As part of the PKE PK integration we need to create a new command to help with logging in to PKE. At its core this command just triggers the node to connect to a target node and hand over a token it was given. Since this handover is done over a TLS secured connection protected by the nodes certificate we both prove identity of the node securely an link the node to the login attempt.

The command will be polykey login <token>, it will take in the provided token and trigger all the steps to login with that token. The token itself will contain the node it needs to connect to and send the token to.

This breaks down into two parts.

  1. The creation of the command on Polykey-CLI.
  2. The creation of the client RPC handler for Polykey to handle the command. This needs to handle signing the JWT token and calling the proper agent RPC handler.

How the overall login flow works as designed is under change. We're still reviewing how the flow works and what the best way to approach it is. @shafiqihtsham Is reviewing the options right and and will make a write up comparing them. From there we will decide on the next steps in ENG-619.

Additional context

Parent issue: REF ENG-580

Tasks

  1. Create a client RPC handler that triggers calling the appropriate agent-RPC handler for logging into a PKE node.
  2. Create the polykey-cli command Polykey login <token>.
@tegefaulkes tegefaulkes added the development Standard development label May 16, 2025
@linear Linear
Copy link

linear bot commented May 16, 2025

ENG-620

@CMCDragonkai
Copy link
Member

Are you sure this command makes sense, according to the plan here.

Image

@CMCDragonkai
Copy link
Member

Like I don't understand what polykey login is for? Logging into what? It should just be part of the agent start command and integrated into that process. I don't see the need for an independent login command.

@tegefaulkes
Copy link
Contributor Author

The intention is for it to login to PKE using your node. It's hard to read but I think we have a PK authenticate command that fills that role at the top of the plan. But in any case we need a secure way to tie a user session on the website to a PK node that you log in with.

@CMCDragonkai
Copy link
Member

This makes it seem like tailscale, pulumi, docker... etc.

  1. What does it mean to login to enterprise.polykey.com?
  2. What does it mean to login to matrixai.enterprise.polykey.com?
  3. Can the "enterprise control plane" be portable? Just like how agent start --network matrixai.enterprise.polykey.com is possible can this also be possible polykey login matrixai.enterprise.polykey.com?
  4. The "network" and the web control plane are 2 things or one thing?
  5. Is logging in just a passkey/web3 wallet system?
  6. Is the PSK only relevant because of browser to CLI usecase? Because CLI driven usecase should work like tailscale and not require a PSK, since it should work like OAuth Flow. PSK is more for unattended setup.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
development Standard development
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CMCDragonkai @tegefaulkes