The idea of having the clientside javascript generate keys for new users seems like a workable pattern.
This is similar to how peergos does their authentication: https://peergos.org/ (sorry, i don’t have a link directly to how they do that)
If you can restrict your processing entirely to clientside javascript, your app becomes very portable. But you can also write and distribute other apps that interact with the api of a locally running ipfs daemon.
One powerful tool you have available here is pubsub (which will be authenticated in the future, allowing only select peers to participate). This is how peerpad works. You can use pubsub to communicate between users of a given app. Peerpad uses CRDTs to essentially form a fully distributed database between all of its peers.
Also, IPNS is going to get an upgrade sometime (hopefully) soon in the form of IPRS (some WIP stuff is being discussed here ). With IPRS, you would be able to have an IPNS entry that can be published (for example) by anyone whose key is signed by N other users, or N administrators.
Sorry for rambling, I hope that helps.