| A3M - Account Authentication & Authorization Module |
[eluser]Peng Kong[/eluser]
[quote author="enatom" date="1270363746"]Im willing to create documentation for this[/quote] thanks enatom. you can do it on the google code wiki. let me know if you're not having access to do so... how do i make it free for all to edit or is that already the default? http://code.google.com/p/a3m/
[eluser]Peng Kong[/eluser]
[quote author="enatom" date="1270407361"]I had an issue earlier, but I fixed is by disabling the SSL feature. I have a question though, is A3M folder supposed to go outside of your main application/system folder as a new application, or is this supposed to be your main application where you develop the entire site... because I need control panel and a front end for the website? so instead of it becoming Quote:blah.com/a3m/it becomes Quote:blah.com[/quote] of cause there are 101 ways to do it. do the the way you want to... the way you like too  that's the beauty of CI.the way i recommand is... juz rename a3m to <insert-your-website-name> then you'll all good to go! with a ver 1.7.2 CI, proper folder structure, .htaccess file and a3m included as a module... with modular extentions... even jquery and gs960 is include (in a way it can be easily removed for those using something else)
[eluser]Peng Kong[/eluser]
[quote author="enatom" date="1270417092"]Also, I don't think you should allow users to Change their username... becuase I'm trying to create something like this www.blah.com/username ... so their profiles are viewable, and that can't happen if they're able to keep changing it.[/quote] ok i've strong reasons why we SHOULD allow your users to change their username. 1) it's good usability. yahoo doesn't allow me to change my username and that's to me crap! i'm stuck with the lame username i choose a decade ago... but i can't junk my account easily cuz i used it to sign up for so many other stuff. Bad usability. 2) Twitter allows us to change username even though it gives us a nice url (e.g. http://twitter.com/cHaOs_pk). They reason they allow it is because it isn't a problem to change username if you design the system correctly. You change username your URL changes. that's the control we give the user... which is the 3rd point. 2) Give users full control. protect them from screwing themselves over permanently but do it without taking away control. basically imho 'it can still happen' even if you allow users to change their usernames.
[eluser]Peng Kong[/eluser]
hey everyone, thanks for all the interest on a3m so far. here's the little road map for a3m. currently everything on a3m is either on 1) this thread (http://ellislab.com/forums/viewthread/144755/) 2) google code (http://code.google.com/p/a3m/) 3) a3m's up and coming blog (http://a3m.sirwan.me/) by sirwan.me 4) live demo @ (http://it.euphoriatwentythree.com/projects/a3m/) I will want to totally streamline the maintenance of all these things. (1) CI forum should be use for discussion (new thread) (2) Google code should be used for documentation (wiki), bug tracking and code (svn) (3) A3M blog should be used for news, updates, and everything chronological. (4) Live demo. (can someone volunteer to maintain a fully working demo of the latest version of a3m. just get latest version for google code.) the only key thing left undone atm is Role based ACL. I will need some time (only start in a week or two) to start on it as im busy atm. someone else can start on it first if they want  Once we're done with the ACL part. we just need to stamp out all the bugs and look very deeply into security. We also need to allow sites using a3m to be both "OP" and "RP" for openid and both server and client for oauth. then it's only about keeping up with changes to the openid and oauth specs, since they are still evolving. Another thing I want to look into is even further increasing flexibility and customizability for the programmer. Meaning a3m should be usable for 99% of all use cases and easily customizable to as many use cases as feasibly possible. All websites dealing with users should be able to use a3m... or to put it another way... all of us, no matter what kind of websites we are creating, if it deals with users, we want to use a3m as a base to speed up development. That's the goal. feel free to contribute your thoughts.
[eluser]loosetops[/eluser]
Installing the sql completed with these two errors. Quote:[Err] 1231 - Variable 'character_set_client' can't be set to the value of 'NULL' I would have ignored the above sql errors but I also get this error when I go to http://domain.com/a3m/oauth/apps. Quote:Fatal error: Uncaught exception 'OAuthException2' with message 'No OAuthStore for mysql (file /homepages/37/d248106511/htdocs/domain/a3m/application/modules/oauth/libraries/oauth-php/library/store/OAuthStoremysql.php)' in /homepages/37/d248106511/htdocs/domain/a3m/application/modules/oauth/libraries/oauth-php/library/OAuthStore.php:76 I don't know what is supposed to be at that page as http://it.euphoriatwentythree.com/projec...oauth/apps shows an empty page. Other than that I have managed to login successfully using google without https. I'm yet to try others. Quote:All websites dealing with users should be able to use a3m… or to put it another way… all of us, no matter what kind of websites we are creating, if it deals with users, we want to use a3m as a base to speed up development. That’s the goal.Amen to that.
[eluser]Peng Kong[/eluser]
[quote author="loosetops" date="1270569185"] [Err] 1231 - Variable 'character_set_client' can't be set to the value of 'NULL' [Err] /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; [Err] 1231 - Variable 'collation_connection' can't be set to the value of 'NULL' [Err] /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; [/quote] 1) Sorry, i'm not sure about the SQL error... but i think it can be ignored safely. anyone? Quote:I would have ignored the above sql errors but I also get this error when I go to http://domain.com/a3m/oauth/apps. 2) wow... you own domain.com Quote:Fatal error: Uncaught exception 'OAuthException2' with message 'No OAuthStore for mysql (file /homepages/37/d248106511/htdocs/domain/a3m/application/modules/oauth/libraries/oauth-php/library/store/OAuthStoremysql.php)' in /homepages/37/d248106511/htdocs/domain/a3m/application/modules/oauth/libraries/oauth-php/library/OAuthStore.php:76 3) hmm... you said below you can sign with Google. so when does this error occur? Quote:I don't know what is supposed to be at that page as http://it.euphoriatwentythree.com/projec...oauth/apps shows an empty page. 4) Ignore the demo. it's showing a blank page because of errors because my hosting configuration is wrong which i'm too lazy/busy to fix. but i assure you oauth is working fine (at least on my local environment) Quote:Other than that I have managed to login successfully using google without https. I'm yet to try others. 5) thanks for informing me that "google without https" is possible. Quote:Quote:All websites dealing with users should be able to use a3m… or to put it another way… all of us, no matter what kind of websites we are creating, if it deals with users, we want to use a3m as a base to speed up development. That’s the goal.Amen to that. 5) Yep doesn't make sense that everyone has to write their own solution to such a common problem
[eluser]Peng Kong[/eluser]
another note on usability. i studied facebook and twitter quite a bit before coming up with a3m. and the reason is becuz they are the biggest, fastest growing user centric websites around. and what users are familar with is one step ahead of something new/different. authentication is a necessary evil so it should be easy and as far as possible transparent to our users. They do NOT visit our websites with the intention to authenticate but do we at times make it so hard they end up leaving before they even started? that's the reason why a3m is "as simple as it gets". please don't ask me to add another 100 fields to the sign up or sign in process. =P
[eluser]loosetops[/eluser]
Code: Fatal error: Uncaught exception ‘OAuthException2’ with message ‘No OAuthStore for mysql (file /homepages/37/d248106511/htdocs/domain/a3m/application/modules/oauth/libraries/oauth-php/library/store/OAuthStoremysql.php)’ in /homepages/37/d248106511/htdocs/domain/a3m/application/modules/oauth/libraries/oauth-php/library/OAuthStore.php:76This error occurs when I go to http://domain.com/a3m/oauth/apps, which for your demo is an blank page, that is masking your hosting errors. Is there any chance that the errors you are blanking are the same as mine. My goal is to create a comment widget similar to http://js-kit.com/.
[eluser]Peng Kong[/eluser]
my error that caused the blank page is becuz my source of randomness (dev/random) isn't supported or correctly configured on my server. on my local environment. it works cuz im not using *nix but windows which doesn't have a source a randomness so i ignore randomness. juz on logging to "1" in your config and and check the error message. if you facing my issue it will turn up in the logs.
[eluser]Peng Kong[/eluser]
good idea... i will add "generating optional sign in widget" to the road map. that's kind of easy to do. |
| Welcome Guest, Not a member yet? Register Sign In |
