Hi Swapnil. See my answer to your previous thread: http://groups.google.com/group/opensocial-orkut/browse_thread/thread/af696b6d565e7397
Your application should offer some value to users who aren't members of your site and don't wish to register. Since it's your application, it's your prerogative to request that users sign in to your site before they can rate and post comments, although this might impede its popularity. It would be great if you allowed all users to rate and comment on items within orkut and offer a form so users can "link" their accounts so any ratings/comments they have added in your website appear in orkut and vice versa. In a nutshell, you should not require users to register but you can certainly provide incentives. To answer your second question, you should really take advantage of request signatures instead of using cookies. Any asynchronous HTTP requests sent to your back-end can be signed by the container (orkut in this case) so you can verify the authenticity of the request and the user who issued the request. If you're using form submission to post data, you can use the same technique to fetch a one-time token from your back-end and send it with the post request. Let me know if you have any more questions on any of this. I'm happy to help. :) - Jason On Sep 30, 11:29 am, Swaps <[EMAIL PROTECTED]> wrote: > Hi Jason, > > Since I am new bee I wanted to discuss 1 high level question. Our App > will be displaying certain items which allow users to save information > on our servers and rate and comment on different sections. On our site > we allow these operations for a registered user only. On our site, we > login the user and use cookies to make sure the user is logged in and > authenticated. > > So whats the best way to handle these operations on orkut. One way I > was thinking is when the user wants to perform any such operation in > our orkut app, we can ask him to link his orkut account with our site > account if he already has one or else ask him to register with our > site right from the orkut app. Is this a recommended experience? > > Also since our site uses cookies whats the best way to handle cookie > related operations on our backend servers? > > Waiting to hear from you. > > Thanks > Swapnil --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to opensocial-orkut@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---
