Future signup page idea #22

New Issue

Open

opened 2021-08-18 20:00:16 +02:00 by BodgeMaster · 1 comment

BodgeMaster commented 2021-08-18 20:00:16 +02:00

Collaborator

see title

see title

BodgeMaster added the

ToDo

label 2021-08-18 20:00:31 +02:00

BodgeMaster referenced this issue 2021-08-18 20:00:58 +02:00

Create secure and configurable signup feature #20

BodgeMaster added the

Priority: Normal

label 2021-09-02 06:23:43 +02:00

BodgeMaster commented 2021-09-09 11:21:06 +02:00

Poster

Collaborator

I have an idea regarding this:

Have sign up and user authentication controlled through a specified interface so that it is easy to create modules that hook into it instead of handling that inside ThreadR. There would still be a users table for everything else except authentication.

This would allow for things like "sigh up with GitHub / Google / whatever" or allow the admin who hosts an instance to run a CAPTCHA or verify email addresses externally.

ThreadR would only ship with three simple modules: "default", "default no CAPTCHA" and "default login only".
The "default" module would only accept a user name and a password as signup information and present the user with a CAPTCHA on user creation. The "default no CAPTCHA" is the same module just with the CAPTCHA stripped out and the "default login only" is the same but with signup stripped out completely.

While I would want ThreadR to support multiple modules being loaded at the same time, only the "default" module would be enabled by ... default.

I have an idea regarding this: Have sign up and user authentication controlled through a specified interface so that it is easy to create modules that hook into it instead of handling that inside ThreadR. There would still be a users table for everything else except authentication. This would allow for things like "sigh up with GitHub / Google / whatever" or allow the admin who hosts an instance to run a CAPTCHA or verify email addresses externally. ThreadR would only ship with three simple modules: "default", "default no CAPTCHA" and "default login only". The "default" module would only accept a user name and a password as signup information and present the user with a CAPTCHA on user creation. The "default no CAPTCHA" is the same module just with the CAPTCHA stripped out and the "default login only" is the same but with signup stripped out completely. While I would want ThreadR to support multiple modules being loaded at the same time, only the "default" module would be enabled by ... default.

BodgeMaster changed title from scrap whatever is going on with the signup page rn, receiving an email is not a secure sanity check for us to Future signup page idea 2023-01-07 01:30:56 +01:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

reset

master

Labels

Clear labels   

#19

The ideal label to put on all the things that look kinda hack...   

Bad Style

Convention violations and just overall bad style   

Broken

A bug that compromises usability   

Bug

Unexpected behavior that doesn't compromise usability   

Migration

Issues related to moving ThreadR from its old home as the main page on LostCave to a new server and a new domain   

Network

Network issues that need to be addressed   

Priority: High

high priority   

Priority: Low

low priority   

Priority: Normal

normal priority   

Priority: URGENT

Do ASAP   

Suggestion

"No pressure, it's fine."   

ToDo

Does this really need an explanation?   

nofun

Nobody wants to deal with this.

No Label

#19

Bad Style

Broken

Bug

Migration

Network

Priority: High

Priority: Low

Priority: Normal

Priority: URGENT

Suggestion

ToDo

nofun

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: root/threadr.lostcave.ddnss.de#22

There is no content yet.