auth endpoint

[HannesRakete]

To provide interaction and authentication with the widely used sportsmanager, user auth against sportsmanager-api has to be established.

acceptance criteria

1. The user can login with his sportsmanager-credentials for the given national foosball association
2. The user can choose to stay logged in even after closing the application
3. The user can access the teams, he is able to edit in the sportsmanager

refinement

@arnef already developed a REST-api for the sportsmanager and deployed it at the TFVHH (national foosball association Hamburg) instance. Documentation can be found here: (https://arnef.hopto.org/kickernhh/#auth-token-post)

For session-mgmt a distributed cache should be used: aws elasticache. If much simpler in a first approach a dynamodb-table could be an alternative

The requirements can be fulfilled with the following flow:

1. User credentials are given our auth-endpoint: national foosball association, username, password
2. foosbyte-api sends username and password to the sportsmanager-api of the corresponding national foosball association
3. The received api-key is used to get a token via /user/auth/refresh. This token contains the team-ids for teams the user can edit.
4. The foosball-api generates a session key and saves and saves all received data with the sesssion key in a distributed cache.