weitzman at tejasa.com
Sun Feb 12 22:05:11 UTC 2006
> Here is a link to the current module source, which is under fairly
> heavy development:
Looks quite modern and Drupalish. Nice.
> - The plugin declares a block hook and provides a one-field OpenID
> login form that appears in the left navbar. The module is not
> really an authentication module because it doesn't declare an
> appropriate authentication hook (username at server syntax won't work
> for OpenID). Various other callbacks in the module handle the
> OpenID authentication steps and set $user when appropriate.
sure - your approach looks reasonable to me.
> - If you log in with an OpenID and don't have a local Drupal account,
> an account is created for you with the appropriate authmap record.
> However, you'll be prompted for an email address upon successful
> OpenID authentication *before* the Drupal account is created. (My
> goal here is to make sure any kind of profile info needed is
> collected before the OpenID-auth'd user is allowed into Drupal.)
you might make this extra step optional. i think it is a hassle to provide
an email address for a random site. current drupal auth creates accounts
without an email address. drupal does not require email address if the
account is created via code (the web ui requires email address)
> - My major concern is how to blend OpenID with existing accounts so
> users can choose to use OpenID for their accounts.
I think we're going to have to require that the user be logged into his
current drupal account in order to do this. If so ...
Typical distributed auth modules in Drupal let a user edit his specifics for
the remote site from his profile page. OpenID could provide an url textfield
on the user profile page (see hook_user('form')). It could use
hook_user('validate') to check the provided if needed. Thus we give a way
for existing users to add openID to their account.
How much is involved in implementing the server side ofopenID? Can it be a
Drupal module? One feature I like about current Drupal is that every site is
instantly a client and a server for DA.
More information about the development