A3M - Account Authentication & Authorization Module
Peng Kong
Thanks for the pointers Isemel!

1) Yep, user guide is lacking atm. I have to work on that.

2) Ok, let me see how I can change that.

3) Authentication failed is due to the OpenID lib not being able to call the OpenID endpoint. You should check error logs and see if there's anything.

4) This is surely a bug! I will fix this.

5) Yes, it's not supposed to appear, because if you remove your LAST linked account there is no way to sign in anymore! At any one time you must have at least 1 account linked to your a3m account. BUT I think I forgot to allow users to remove ALL ... IF ... they are using a native a3m account. I'll change that.

6) Facebook provided email will never == the email they registered originally. The Facebook email is anyway [email protected] or something... basically FB masks the email. Also it is designed such that emails can be shared by different accounts and is not a primary key. If you read back a few pages of this thread I explain why it was designed this way.

7) Nope. But now that you're asking I might consider giving such an option. However there are MANY problems with doing that, so again it might not happen. E.g. I registered with YOUR email... now u can't register with your own email. That means we must FORCE email verification, meaning reducing the ease to signin/signup. Among many other reasons too, but I won't go into it. At the end of the day we need to take a few steps back and ask ourselves what purpose emails / unique emails serve. I weighed everything and decided non-unique emails are the way to go.

8) For this you have to understand the purpose of OpenID. I won't go into details again. In short, YOU as a USER shouldn't be typing / managing passwords on 100 websites cuz u use 100 websites... u shouldn't be reusing your password 100 times over too. That's where OpenID comes into the picture. Decentralization of authentication. If u sign in via say Twitter... u don't need to, and in fact you shouldn't, manage a password on 'a3m'. Meaning a3m will take that you are YOU (basically that's authentication) cuz Twitter says so (OpenID). That relieves you the user of the need to create / reuse a password! = better usability and increased security.