[geeklog-devel] OAuth Support - Passwords and Emails
Dirk Haun
dirk at haun-online.de
Sat Oct 23 17:14:29 EDT 2010
Yes, the My Account page really has some issues with remote accounts and I think they're the same issues with all kinds of remote services. For example, when it asks for your password to change a setting (like how long to stay logged in) it's not checking the remote password but the - non-existing - local one.
In fact, I think there's already an issue about this on the bugtracker.
Greetings from the GSoC mentor summit :)
bye, Dirk
--
http://www.themobilepresenter.com/
Am 23.10.2010 um 11:55 schrieb "Tom" <websitemaster at cogeco.net>:
> Okay the OAuth hack is pretty much in place.
>
> Two things
>
> 1. How do we want to handle accounts without passwords?
>
> I was thinking of removing the password fields (and check) on the form "My
> Account -> Username & Password" for any user that doesn't have a
> remoteservice of NULL and passwd of '' in the users table. Will this work
> for the other login methods like OpenID, 3rdParty (livejournal, LDAP)?
>
>
>
> 2. Some User login methods do not give us the users email address.
>
> I will add in a check on the profile page so other users cannot send them an
> email. Anything else needed here?
>
> Thanks
>
> Tom
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5558 (20101023) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://eight.pairlist.net/mailman/listinfo/geeklog-devel
More information about the geeklog-devel
mailing list