User management

Question

User management

cedricbonhomme opened this issue 9 years ago · comments

User management is kinda sketchy. Reading through that (fr) http://sametmax.com/the-user-is-dead/ I realize i'd be much more nice for any day to day user to rely on an OpenID mechanisme (openid / facebook / google) alongside the current user management, if not in place of it.

It'd make the user management simpler and the application more accessible to new users.

Bitbucket: https://bitbucket.org/cedricbonhomme/jarr/issue/10
Originally reported by: François Schmidts
Originally created at: 2015-07-24T18:10:20.252

Cédric Bonhomme · Answer 1 · Sun Nov 29 2015 17:20:21 GMT+0800 (China Standard Time)

Yes, it makes sense to add the support of single sign on. For the users who wants to use that. Personnaly, I am not using openid or a member of facebook, twitter, etc.. I am even considering to close my google account. So, I think we should keep the "classic mechanism" of login. And add the possibility of using SSO for a particular pyAggr3g470r instance (via the configuration file, for example). Maybe with Flask-SSO?

Original comment by: Cédric Bonhomme

Cédric Bonhomme · Answer 2 · Sun Nov 29 2015 17:20:21 GMT+0800 (China Standard Time)

I just read this blog post:
http://blog.miguelgrinberg.com/post/oauth-authentication-with-flask
maybe not exactly what you were talking about, but this is still a step forward. And the cost to implement this new functionality seems low. Unfortunately I do not have a twitter of facebook account (but this should also work with Google).

I am actually wondering if this is a good thing to remove the user.email field and the email address verification. We can just keep the user.nickname and user.password. And maybe user.social_id for oauth. What do you think?

Original comment by: Cédric Bonhomme