Starting in on reading about how to use KeyCloak in Clojure. It's quite promising! But it will require some effort to make this fairly turnkey for people. I'd ideally want people not to have to run anything but this server. Will that be possible though? Much to ponder.
I'm feeling at the moment like I'd want just to use a simple OpenID Connect flow to allow folks more freedom in how they set up authentication. But the question is how to control user registration in a universal way? That part is unclear.
The other thought is just to go old school. Manage passwords ourselves using known best practice.
I want this to be easy! 🙎♂️