gae-boilerplate icon indicating copy to clipboard operation
gae-boilerplate copied to clipboard
verified publisher icon coto

finish and cleanup OpenID and OAuth workflow

Open peta15 opened this issue 13 years ago • 2 comments

  • handle user profile setup on first time login via OpenID (for example how do they add a password when it requires a current password - do they have to do the password reset?)
  • where social user is created to add a new provider to a user, we should be using user.add_auth_id('provider:uid')
  • refactoring, cleanup, and unit testing if necessary

peta15 avatar Jul 27 '12 04:07 peta15

@peta15 what point of these are missing in your opinion?

coto avatar Oct 08 '12 06:10 coto

some of the workflow needs work. for instance if you login with open id to a new account the username in upper right corner is @None. You cannot create a password because you dont have a current password. Where social user is created to add a new provider to a user, we should be using user.add_auth_id('provider:uid'). If you only have one openid or oauth account and you remove it then you lose the account so we need to disable the ability to remove all forms of authentication. So the whole process still requires some work to make it smooth.

peta15 avatar Oct 08 '12 18:10 peta15