Hi, Mozilla is dropping Persona and shutting it down later this year [1].
Postorius and Hyperkitty will have to drop it, and use something else as a default login mechanism. I propose using the django authentication system by default and making it easy for people to add other authentication methods. If we go with django authentication we can either build everything ourselves (I did it for a couple of projects myself) or use some provided project. This is because django doesn't offer registration views and email confirmation. Also password changing and password resetting will have to be added. I know of two projects that do that already: django-user-accounts [2] It's part of the pinax platform, but can be used independently of the other components. It comes with everything we need and not much more. Note that the profiles of django-user-accounts can contain additional emails, which we probably don't want. It's officially supporting django 1.8 and 1.9. I'm not sure about our django dependency policy but since upstream has marked all pre 1.8 as being out of date, I think that we can move on as well... django-userena [3] Pretty much the same as django-user-accounts but it has additional "features" like messaging which we definitely don't need. It's not yet django 1.9 compatible but there is a merge request that adds support for it. Since we have two projects to maintain, I'd rather go with an external app. I guess it would be easiest to have exactly the same configurations for Postorius and Hyperkitty. In order to not duplicate any templates and other code, I'd propose to create a third project that has all the account functionality and put everything we need in there. In case we go with doing everything ourselves, I guess it's still better to create a separate app for that. My personal favorite is django-user-accounts for which I have some basic functionality in a merge request for Postorius so you can have a look at what needs to be changed. [4] Regardless of what approach we choose, we should also think of migrations. Existing internal django accounts can be easily migrated. We'll have to choose if we want to migrate the "social" accounts as well or just tell people to sign up again. We still have time for the transition, but I'd prefer dropping persona before the 3.1 release if that happens to come before the shutdown. What do you think? Simon [1]: https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers [2]: https://github.com/pinax/django-user-accounts [3]: https://github.com/bread-and-pepper/django-userena [4]: https://gitlab.com/mailman/postorius/merge_requests/73 _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
