REST possibility for gaining access / command controll of access #8
Description
At the moment it is only possible to give an app access by manualy editing the the config.yml file.
It should be possible for an app (for any caller without a valid access token) to ask for access via a new context.
In my opinion this should be managed by a new context (for example "access").
This context will provide actions like:
- "status", to get the acutal status of an access request.
- "ask", to aks for a new access token.
If a call via the "ask" action is made, the caller will get an temporary access token, which is only valid for the status "action".
The operator(s) of the server should be presented a message and commands to "reject", or "accept".
The answers of this operators commands will be represented by the result of the "status" action.
If the command was "accept", then the status should also contain the generated and valid token.
The temporyry access token (for "ask" access) should be only valid for a defined time. And also maybe be discarded after an ask call which deliveres the final access token.