| A3M - Account Authentication & Authorization Module |
[eluser]Naatan[/eluser]
Yeah Vanilla forums is really nice for a website that just needs to have some simple forums to support its community. Messing with the css is hell though.. they could really have made that easier. Just out of curiosity, what will oauth add to a3m that it doesn't already have? And thanks for keeping us up to date  Looking forward to 0.5
[eluser]Peng Kong[/eluser]
with v0.5 only authentication (via traditional username/password, OpenID and Facebook Connect) plus account management (managing username, password, emails, etc) is done. oauth is basically the authorization part. It's authorization delegation to third parties. meaning third party website can request your users to share their data residing on your website. most people won't be too concerned with this, unless you're offering a API like twitter, flickr, vimeo, etc the other part which more people will be interested in will be role based access control. meaning having users who are admins, moderators etc. i.e. only 'admins' can access website settings page. only 'moderator' can do something else, etc. You will get to define the roles and what each role can do on your website.
[eluser]Naatan[/eluser]
0.4 seems to already be supporting the major third party authentication services though. Which ones will oauth add? Definitely looking forward to role management that would really complete the module feature-wise.
[eluser]Naatan[/eluser]
Hey Peng, Wanted to let you know that the module seems to have some issues with SuPHP, seeing as SuPHP can't use the PATH_INFO variable properly I had to set it to use REQUEST_URI ($config['uri_protocol'] = "REQUEST_URI"; in your config). However I can no longer connect with Google. When I attempt this I get a really long url which results in a CI 404 page. Been trying to find a solution for about an hour now but it's getting too late.. will look further tomorrow.. just thought I'd let you know. Perhaps you have a solution .. You can see it for yourself here > http://www.wow-wishlist.com/account/sign_in
[eluser]Peng Kong[/eluser]
ok afew things. 1) Apparently your server allows http://www.wow-wishlist.com/account/sign...nid/verify/?janrain_nonce=whateverstuff but NOT http://www.wow-wishlist.com/account/sign...teverstuff. The difference is the / before "/verify". if you do a small hack and add that slash in yourself. i think it should work. 2) Google *MUST* use HTTPS else it's guaranteed to fail. 3) Your twitter callback url is set wrongly (www.twitter.com/oauth). It should be http://www.wow-wishlist.com/account/sign_in_twitter/verify?oauth_token=whateverstuff NOT http://www.wow-wishlist.com/?oauth_token=whateverstuff
[eluser]Peng Kong[/eluser]
oh wait i correct that... i mean why this can work - http://www.wow-wishlist.com/forum/catego...al?asd=asd but not http://www.wow-wishlist.com/account/sign_in/?asd=asd why can't my module controllers accept query strings? you just need to configure a fresh installation of CI that accepts query strings on your server. so it's not really a a3m issue. all a3m requires is that CI can accept query strings, because that's what OpenID requires.
[eluser]Naatan[/eluser]
Hi Peng, I did notice that sign_in/? seemed to work while sign_in? did not.. or at least semi-work as the authentication still did not complete. While testing the module locally I never used https and google authentication worked fine.. are you certain that you -NEED- https? And that the login isnt failing due to the extra dash ? I realize that this is a CI issue more than it is an A3M issue.. fact is though that everything else in CI is working.. ideally I'd like to find a workaround to get it working in A3M as well. Anyway, I'll do some more digging.. thanks for the input..
[eluser]Peng Kong[/eluser]
that's strange... im was quite sure that google -NEEDED- https. but now that you're saying u didn't use http as and it worked. im 90% sure lol. does the "other" parts of a3m work? cus' it should be a query string + codeigniter + server issue. if you can fix that everything should work. post back what you figure out k thanks!
[eluser]Naatan[/eluser]
It was a mod_secure issue. I contacted my host and they added an exception.. it's working now Now to get them to add an exception for the vanilla handshake script -.- sigh. Thanks for your time Peng
[eluser]codeninja[/eluser]
My quick thoughts: 1. The account signup should check for multiple emails. Currently it doesn't. 2. Can a user who already has an account able to connect his Facebook/Google/Yahoo/etc account with it? Forexample, if I already have an account and one day I decide to use facebook to login, can it give me two options: a) continue creating new account or b) login with previous account and the system merges them together? 3. Notification emails. I know you are not done but when will these be implemented? Thanks |
| Welcome Guest, Not a member yet? Register Sign In |
MENU
EXTRA MENU
ABOUT US
CodeIgniter is a powerful PHP framework with a very small footprint, built for developers who need a simple and elegant toolkit to create full-featured web applications.
