P2PU Login/Signup flow

Hey @Erika

You mentioned that you started working on the login/signup/mailing list app. I put some thoughts on a diagram:

This is how typical registration for an application with a server side component could work. What are your thoughts?

The idea is that this process will set a SSO cookie that will allow users to automatically be logged in on http://discourse.p2pu.org and http://community.p2pu.org (and potentially on any other *.p2pu.org domain).

I haven’t thought through the flow for an app without a server side component yet.

Hey Dirk, this is a good visual of what the process should be, but I am wondering about how could we keep users profiles. And in case users are using different mail address, they get completely new profile on discourse.

What are your thoughts on that?

Mmm, I wouldn’t want to keep profiles other than what tools using SSO do (like Discourse).

Do you think it’s a reasonable expectation for a user to have -> to be able to log into the same account using two different email addresses? When using a Google Account to log in you typically have to use the same one.

Lets maybe keep it simple for now and see if it become a problem?

That is true about Google, but they are providing a User Profile functionality where you can set a secondary email address to which you can use to retrieve a password.

I am just thinking of people who are operating with more than one email address (I happen to be one of them), who forget which email is connected to which account (I happen to be even more one of those :smile:) and then it is possible to operate with multiple accounts in discourse (meaning that security levels would not match, etc.)

I am failing to see how we could couple email addresses together and run them under one account as we would have nothing else to bind them with.
I mean, I am failing to see this, but if you have any ideas, don’t be shy.

The development I did so far https://github.com/ercchy/p2pu-sso
I did use the regular registration flow with passwords, just because I wanted to test the discourse integration firmly.

My plan is to start working on the email-based login soon (today), I only need to put multiple discourse entities support.

That looks good!

I think Discourse only supports 1 email address per user profile and the email is used to identify users. According to the SSO docs from Discourse, we require 4 pieces of info for a user:

name: sam
external_id: hello123
email: test@test.com
username: samsam

We could implement setting a secondary email but always revert to using the primary email when logging into discourse. This sounds like a good second step after we get the basics deployed and working.

ps. Could you please either transfer the repo to the P2PU GitHub account or overwrite this repository with your code and rename the repo?