Re: Authentication

From: Thomas Wood <thos gnome org>
To: Bruno Santos <bmfs eksperimental net>
Cc: artweb-list gnome org
Subject: Re: Authentication
Date: Fri, 8 Jun 2007 09:12:06 +0100

On Fri, 8 Jun 2007 00:58:34 +0100
Bruno Santos <bmfs eksperimental net> wrote:

> Hey,
> 
> I've just committed the first lines of code of AGO :)
> 
> I've implemented some basic features of the Authentication Library,
> i.e.
> 	* Set/Get user Permissions
> 	* Verify User Permissions for certain Role
> 	* Authenticate user in the system (, although this isn't
> complete yet).

Great! I spoke to Jeff Waugh about using OpenID and he seemed
to think it may be possible to use OpenID for the new blogs.gnome.org
(which will use wordpress). Are you still planning on integrating
OpenID support?

> 
> User Roles are being declared in a config file(/system/application/ 
> config/authentication.php).
> 
> We need to decide what roles we want represent with the ACL. We  
> discussed that sometime ago but I don't remember what we came up with.

Well, I guess we need at least Anonymous, Normal, Artist/Moderator and
Administrator?

> I'm using CI DB Sessions(+ plus some alterations) to implement  
> Authentication.
> This is more secure than regular cookies but also increases accesses  
> to the database :s

One thing about the current session support is that it only stays
authenticated for 24 hours or so. Will this system allow people to stay
logged in for longer between sessions? Personally I prefer not to have
to log in every time I visit the website, even though this is probably
not so secure.

Regards,

Thomas

References:
- Authentication
  - From: Bruno Santos

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]