| From: | Dave Page <dpage(at)pgadmin(dot)org> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | PostgreSQL WWW <pgsql-www(at)postgresql(dot)org> |
| Subject: | Re: Google signin |
| Date: | 2017-07-12 13:31:50 |
| Message-ID: | CA+OCxoz+5VpSi0ZPVMFt-R1GJX+Zq=QvnuZkLTx0PRGQ1gEmBg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
On Wed, Jul 12, 2017 at 1:35 PM, Magnus Hagander <magnus(at)hagander(dot)net>
wrote:
>
>
> On Wed, Jul 12, 2017 at 2:30 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>
>>
>>
>> On Wed, Jul 12, 2017 at 1:23 PM, Magnus Hagander <magnus(at)hagander(dot)net>
>> wrote:
>>
>>> I'm working on Cleaning Up Some Old Branches (TM) in the pgweb
>>> repository, and found one I did during some airport hacking that I forgot
>>> to post to people about.
>>>
>>> It's been discussed a couple of times that we should perhaps support
>>> Google signin for community auth.
>>>
>>> Basically, the idea behind it would be that on the login page you would
>>> both have the regular userid/password box, and also a button for "sign in
>>> with google". If somebody signs in with Google, it would automatically
>>> match it to their community account based on email address (since Google
>>> doesn't have the concept of a separate userid, and even if they did that
>>> would open up all sorts of hijacking vulnerabilities). If they didn't
>>> already have a community account, we'd offer to create one automatically
>>> and copy the main information over from the Google profile.
>>>
>>> My implementation so far, which does the login but not the provisioning
>>> of new accounts yet, is about 50 lines of python/django and 25 lines of
>>> javascript. So it's not very difficult to do.
>>>
>>> The bigger question is - do we *want* to do this?
>>>
>>
>> I think it's a reasonable option, though it would open up debate on what
>> else to support. GitHub springs to mind...
>>
>>
> Or facebook. Or twitter. Or Microsoft. Or whatnot.
>
Exactly.
>
> But of all of them to pick, Google is probably the best one to start with
> at least, given the largest coverage (at least of people who are willing to
> use it for this).
>
> I wouldn't object to supporting others as well, but it's not part of what
> I've hacked on so far :)
>
Right.
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2017-07-12 13:53:11 | Re: Supported Windows version for the Windows installer |
| Previous Message | Magnus Hagander | 2017-07-12 12:35:29 | Re: Google signin |