Re: Google signin

On Wed, Jul 12, 2017 at 4:16 PM, Jonathan S. Katz <jkatz(at)postgresql(dot)org>
wrote:

>
> On Jul 12, 2017, at 8:30 AM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>
>
>
> On Wed, Jul 12, 2017 at 1:23 PM, Magnus Hagander <magnus(at)hagander(dot)net>
> wrote:
>
>> I'm working on Cleaning Up Some Old Branches (TM) in the pgweb
>> repository, and found one I did during some airport hacking that I forgot
>> to post to people about.
>>
>> It's been discussed a couple of times that we should perhaps support
>> Google signin for community auth.
>>
>> Basically, the idea behind it would be that on the login page you would
>> both have the regular userid/password box, and also a button for "sign in
>> with google". If somebody signs in with Google, it would automatically
>> match it to their community account based on email address (since Google
>> doesn't have the concept of a separate userid, and even if they did that
>> would open up all sorts of hijacking vulnerabilities). If they didn't
>> already have a community account, we'd offer to create one automatically
>> and copy the main information over from the Google profile.
>>
>> My implementation so far, which does the login but not the provisioning
>> of new accounts yet, is about 50 lines of python/django and 25 lines of
>> javascript. So it's not very difficult to do.
>>
>> The bigger question is - do we *want* to do this?
>>
>
> I think it's a reasonable option, though it would open up debate on what
> else to support. GitHub springs to mind…
>
>
> Would this work with @postgresql.org accounts? AFAIK they are not
> configured with Google services.
>
>
You can create a Google account with your @postgresql.org email address.
You just can't use it to receive email, but other things works.

That said, this is not intended to *replace* the username/password login
part, it would be ina ddition to it.

--
Magnus Hagander
Me: https://www.hagander.net/ <http://www.hagander.net/>
Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>