Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Account ideas #1

Open
skyem123 opened this issue Sep 5, 2015 · 11 comments
Open

Account ideas #1

skyem123 opened this issue Sep 5, 2015 · 11 comments

Comments

@skyem123
Copy link
Member

skyem123 commented Sep 5, 2015

  1. Accounts should have "authentication methods" which have the details needed for authentication
  2. Accounts should be able to have a "see other" that links to another account, that when set, the API ignores this account and goes onto the one linked.
  3. Merging two accounts would only be allowed if the accounts to be merged don't share types of authentication method (though maybe it would if the authentication methods were exactly the same?) and would set the "see other" thing on one of the accounts being linked.
@RX14
Copy link
Contributor

RX14 commented Sep 5, 2015

What is the use case for linking accounts rather than merging them?

Also two accounts can't have the same oauth login because then how do you log in?

@RX14
Copy link
Contributor

RX14 commented Sep 5, 2015

About authentication methods, Google etc. Will just verify that user x has email y and we log them in by email. I'll work this out once the site is going well, but I'll be away for a few days.

@ghost
Copy link

ghost commented Sep 5, 2015

Why not have a list of auth details per account, and disallow adding an account with details that are used elsewhere? Why link anything?

@RX14
Copy link
Contributor

RX14 commented Sep 5, 2015

That was the idea @gamemanj, have a unique index on the auth columns

@ghost
Copy link

ghost commented Sep 6, 2015

Auth details should probably be in a seperate table to actual accounts, and auth details should depend on accounts. From a UI perspective, "register" and "log in" need to be separate operations, and there needs to be a "link" operation which creates another auth-details object linked to the same account.

@RX14
Copy link
Contributor

RX14 commented Sep 6, 2015

What is the advantage to having a seperate table rather than jsut adding columns to the users table?

@ghost
Copy link

ghost commented Sep 6, 2015

Well, if you have a way of containing a /list/ of auth details (not just the one), then feel free to use that.

@ghost
Copy link

ghost commented Sep 6, 2015

As for the "see other" flag, what happens if account A makes something, then gets see-other'd to account B, which has also made something?
A simple pass-through would mean the accounts would need to be merged for correct behavior.

@RX14
Copy link
Contributor

RX14 commented Sep 6, 2015

Why do we need a list? We would have to add support in the codebase for each new auth method, why not also some extra columns?

@ghost
Copy link

ghost commented Sep 6, 2015

That works, assuming that nobody has 2 of any given account type, but that's a reasonable assumption to make.

@RX14
Copy link
Contributor

RX14 commented Sep 6, 2015

Yeah, we would only support a few things such as Google and twitter, I don't see us adding more than 3 oauth auth methods.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@skyem123 @RX14