[geeklog-devel] OAuth Support - Passwords and Emails
dirk at haun-online.de
Sat Oct 23 17:14:29 EDT 2010
Yes, the My Account page really has some issues with remote accounts and I think they're the same issues with all kinds of remote services. For example, when it asks for your password to change a setting (like how long to stay logged in) it's not checking the remote password but the - non-existing - local one.
In fact, I think there's already an issue about this on the bugtracker.
Greetings from the GSoC mentor summit :)
Am 23.10.2010 um 11:55 schrieb "Tom" <websitemaster at cogeco.net>:
> Okay the OAuth hack is pretty much in place.
> Two things
> 1. How do we want to handle accounts without passwords?
> I was thinking of removing the password fields (and check) on the form "My
> Account -> Username & Password" for any user that doesn't have a
> remoteservice of NULL and passwd of '' in the users table. Will this work
> for the other login methods like OpenID, 3rdParty (livejournal, LDAP)?
> 2. Some User login methods do not give us the users email address.
> I will add in a check on the profile page so other users cannot send them an
> email. Anything else needed here?
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5558 (20101023) __________
> The message was checked by ESET NOD32 Antivirus.
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
More information about the geeklog-devel