Motivation
While authentication plugins have turned out to be very useful, their implementation imposes a number of unecessary limitations. It is impossible to use multiple mechanisms at the same time, to allow for example both OpenID and regular registration to be available. The plugins cannot change any of the user interface making it impossible to modify the login mask to reflect different input requirements, for example those of OpenID. It is difficult to integrate the profile data with other systems, this includes settings like username and passwords.
Proposal
Refactor the authentication plugins into an object oriented interface. Allow for multiple authentication plugins to be selected simultaneously and enable them to change the user interface. Profile changes to both account settings and profile data should either be preventable by such plugins or cause notification of the respective plugin so the data can also be changed in its own database.
Tracker Ticket
http://tracker.phpbb.com/browse/PHPBB3-9734
[RFC|Replaced] Auth Plugin Refactoring & User Integration
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
For those of us who maintain user-centric extensions/mods:
What kind of DB or code-level changes are we looking at to support this? Are we expecting users to still be identified solely by user ID numbers, or will there be something more complex?
P.S. I work with several large boards, some phpBB, some not -- this is the biggest feature we've been waiting for, so we're very excited to see this in action.
What kind of DB or code-level changes are we looking at to support this? Are we expecting users to still be identified solely by user ID numbers, or will there be something more complex?
P.S. I work with several large boards, some phpBB, some not -- this is the biggest feature we've been waiting for, so we're very excited to see this in action.
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
Anyone?
What kind of auth plugins can we expect on day one? Facebook Connect?
What kind of auth plugins can we expect on day one? Facebook Connect?
- DavidIQ
- Customisations Team Leader
- Posts: 1904
- Joined: Thu Mar 02, 2006 4:29 pm
- Location: Earth
- Contact:
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
Not sure there's going to be a ton of db level changes but there will be code-level changes. These changes, however, will be negligible as this should all be a matter of dropping in your plugin, enabling it, and you're done.nall wrote:What kind of DB or code-level changes are we looking at to support this? Are we expecting users to still be identified solely by user ID numbers, or will there be something more complex?
As far as using user IDs I'm sure this will still be needed though I'm interested in knowing what other "more complex" identification could be used.
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
Potentially you could use pairs that identify the service provider and the user id, e.g.: (phpbb, 12345) (openid, user@host). However, assuming we're keeping user ids as-is, I assume a few more columns will be required in the users table.DavidIQ wrote:Not sure there's going to be a ton of db level changes but there will be code-level changes. These changes, however, will be negligible as this should all be a matter of dropping in your plugin, enabling it, and you're done.nall wrote:What kind of DB or code-level changes are we looking at to support this? Are we expecting users to still be identified solely by user ID numbers, or will there be something more complex?
As far as using user IDs I'm sure this will still be needed though I'm interested in knowing what other "more complex" identification could be used.
I'm new to area51, so maybe there's already been some work done in this regard and I'm not aware of where to see it.
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
Nope, but I'm about to start working on it.nall wrote:I'm new to area51, so maybe there's already been some work done in this regard and I'm not aware of where to see it.
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
Will you be posting commit links?naderman wrote:Nope, but I'm about to start working on it.
Also, will there any other auth modules offered at launch? Several forums I work with want to offer "Facebook Connect" in addition to standard login.
-
- Registered User
- Posts: 1
- Joined: Thu Feb 03, 2011 9:16 pm
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
I registered this account to say 'this is a great idea!'
I'm starting to develop a site and I'm looking for a SSI solution for a forum, a wiki, and a CMS. I'm a novice at all of this but it looks to me like OpenID would be really nice to use with those tools.
I'm starting to develop a site and I'm looking for a SSI solution for a forum, a wiki, and a CMS. I'm a novice at all of this but it looks to me like OpenID would be really nice to use with those tools.
-
- Registered User
- Posts: 2
- Joined: Tue Jul 26, 2011 1:16 am
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
i'm not sure of the scope of what y'all are planning to do with this refactoring but if y'all could make it much easier for gpl'd cms' such as cms made simple's user authentication systems/modules to interoperate that would be extremely appreciated. it would be most desirable to have the possibility of using either system the site admin chooses on the front end and have user registration, login/out, groups, and group permissions(where possible) all synced on the backend using whichever system invisibly.
there used to be a user tag for cmsms that purportedly allowed some of this functionality but that was for old(2006) versions of cmsms and phpbb. And new users(like me) ever since have been confusedly clamoring for this not so simple functionality. If it's already fairly easy through hooks y'all have already implemented than forgive my ignorance as i have not seen this documentation yet and might not be able to use it if i did.
there used to be a user tag for cmsms that purportedly allowed some of this functionality but that was for old(2006) versions of cmsms and phpbb. And new users(like me) ever since have been confusedly clamoring for this not so simple functionality. If it's already fairly easy through hooks y'all have already implemented than forgive my ignorance as i have not seen this documentation yet and might not be able to use it if i did.
Re: [RFC|Accepted] Auth Plugin Refactoring & User Integratio
I concur! Excellent Idea!therealplato wrote:I registered this account to say 'this is a great idea!'
I'm starting to develop a site and I'm looking for a SSI solution for a forum, a wiki, and a CMS. I'm a novice at all of this but it looks to me like OpenID would be really nice to use with those tools.