On Thu, Oct 11, 2012 at 4:33 PM, Daniel Friesen <dan...@nadir-seen-fire.com> wrote: > I was thinking about this recently too. Though I started thinking from the > login form perspective. > > Things we should have: > - Good build-in support for both single-authentication (everyone is in the > user database, or everyone in ldap, etc...) and multi-authentication (some > users are local, some are OAuth, others may be LDAP) and also the > possibility of multiple auth types for one user. > - A real abstract login form that lets extensions and auth systems simply > add fields to the login/creation form without having to re-implement it and > not work with other similar extensions. > -- Perhaps also some meta information from auth plugins that let us say on > the login form that a wiki is using LDAP or something. > - Explicit support for auth systems using something other than the username. > - Real support for auth systems involving a 3rd party. ie: Involving > redirects such as OAuth, OpenID, and simple 3rd party login where the login > link directs you to the login page of some forum, you get sent back, and > somehow the extension knows what the session is. > - Login form support for multiple authentication systems on the same wiki, > incl. support for OAuth and OpenID like logins. > > That last one was the tricky one to figure out. >
Whatever is done, can it please be done as a refactor, rather than a rewrite? - Ryan _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
