spliit-app/spliit

Possible Addon?: User Accounts

linw0724 opened this issue · 5 comments

Hi, I saw this app while looking for an alternative to Splitwise and it is great! Thanks for all the time and work everyone has put in to this. I just started learning how to code as a hobby so I apologize in advance for not being able to contribute much to the project yet.

I was wondering if it would be within the ethos of the app to have user logins (at least for self hosted instances as an option) through local credentials, or through Google Auth, Facebook, etc.

My thoughts on advantages of this:

  • If people create accounts on the app, it would be easier to automatically share expense groups by adding people via their accounts to a group (or if they don't have an account yet, sending a link to invite to the app).
  • Once people are added to a group via their account, whenever they log in, the group they are in will be automatically shown (making group link sharing optional instead of required).
  • Maybe this could also lead to Venmo/Paypal/etc integrations since there will be accounts to save user data to (if someone added payment info to their profile). Like next to the "Mark as Paid" have a "Pay Up" button that sends you to the Venmo/Paypal dialogue of the user you need to pay with the amount already inserted. I was thinking of staying with external payment services to avoid having to deal with the data security of storing actual banking information on the app instance.
  • I think this could also be a way to work the Make IDs Integers #36 issue as mentioned

I wonder if the core contributors are interested in allowing user accounts. If so I'd be happy to help out

for self-hosted, the easiest way to have this behind a login screen is to throw it behind an OIDC screen in a reverse proxy (such as Nginx or traefik). Apps like Keycloak, authentik or zitadel allow the management of accounts, auth and OIDC applications.

If we wanted to add user support, OIDC would probably be more palatable to integrate into spliit than a full user/login system.

I second an OIDC approach.

Even an option to accept header like "X-Forwarded-User" or "X-authentik-user" would be a super useful addition on top of forward authenticators.

+1 to this. Might be the push needed to create and enable user accounts in spiit with an OIDC approach. Should help resolve a bunch of other issues with this app.

  • Could also look to simplify payments across various groups #19 . i.e I owe John £150 in group 1 and £60 in group 2. I should be able to pay £210 and settle across both groups from the "People" section. In people you could do a simple friend system where you add by username.
  • Also addresses #20 as groups would be displayed on your homepage since a user can hold identifiable information about groups they are in.
  • Look to add the user ID's on #106 to ensure the user doing the action is actually the user they say they are.
  • The complexity in #34 could be also addressed by using the users login. Option to enable encryption or not (though I do think this should be as standard without the option of turning it off)

This would be a welcome addition for the app!