Add Persona Log in to Diaspora

@Jason Not to mention we already allow linking to Facebook accounts. As someone who uses both, I’d have to say Mozilla’s privacy policy (and the way they treat your personal information in general) is much more acceptable than Facebook’s.

As a general principle, anything making it easier to join a D* pod should be done IMHO. Hell, why not even create an account by using your Facebook or Google credentials?

But we have to remember to make sure in any option (Persona too) that the user should be able to switch their log in method to a pure D* account if for example they stop using the other service. I think this is critical.

“Altruism - if some log in feature is added no one forces you to use it :slight_smile: So voting should be based on whether this would make D* more better and accessible - not on personal usage patterns :)” Aha, I have not voted or expressed anything that would indicate the contrary. I do not understand why you are telling me this, care to explain?

altruism, just referring to your comment on whether Persona log in possibility will endanger your data. So I assumed you were considering your own data relating to this proposal.

Sorry if my assumption was wrong.

So, does someone who knows how the actual log in works want to work with me on that?

I have never contributed to or looked at the Diaspora code so far…

I think if we include it, we should be very clear about safety and privacy. Some people present are more open, which is fine, but I think we should be able to explain to users what the risks/benefits are for using this.

Disclosure is an honorable thing and it creates trust, and that’s what will bring in more users. Not convenience.

That’s why I proposed Persona. Mozilla is a foundation and I trust in it.

Flaburgan, it has to be clear to new users that they can trust Mozilla. Not everybody is involved in the Mozilla Foundation as you are :slight_smile:

True, but I’d think most people know what Mozilla is thanks to Firefox. The real question is, how do they know (without visiting persona.org) that Persona is run by the same people who brought us Firefox? :slight_smile:

I don’t know what the issue with trust is since only people who already have a Persona log in are likely to use this option :wink:

It’s like a “Log in with Facebook” button. Only people with Facebook accounts are going to press it.

So, here we go?

Then we just wait for someone to code it :slight_smile:

What would be particularly interesting wouldn’t just be having Persona to log in to a pod. I think it’d be really interesting if we could modify Persona for, say, decentralized app authentication. Just put in your Diaspora handle and password to log in to a site, and it could work similarly to “Log In With Facebook”, only it’d be decentralized. Maybe other socnets could use it as well somehow, then we might just have a standard, secure way of authenticating apps using whatever decentralized platform you want.

There’s already a decentralized method for authentication: OpenID. I bet there’s a gem or so to make a rails app an OpenID provider. If not, it might be worth creating one instead of hacking an unsuited protocol. Might look into that if the pressing refactoring stuff is done (or I’m bored of it :P). Shouldn’t stop anyone from trying earlier.

Interesting! I just finished reading a basic comparison between OpenID and oAuth, what benefits does OpenID provide that oAuth falls behind on?

Also relevant: I’ve found a gem for adding Persona login to Rails apps. If we want Persona on pods for just user login, this might provide something interesting: https://github.com/bobjflong/persona_on_rails

It looks like it actually might be fairly trivial to implement. Might merit some experimentation?

Uhm, did you read everything? Steven already linked Dennis’ devise strategy :wink:

Back to OpenID vs oAuth: OpenID is, as said, decentralized. oAuth requires the clients to have some key and secret beforehand, therefore we would need to hack the oAuth flow (which we did for a while, but DInc removed that again) to allow automatic client registration. Requiring the client developers to register at every possible pod and every new pod popping up is… highly unrealistic.

Was much farther down in the conversation; admittedly I missed it on mobile. :wink: I’ll check it out.

As for the problem of having to register every possible pod: totally makes sense. That would be a nightmare to deal with, at least without that hacked flow.

Apparently, we got rid of the oauth_provider gem due to circular dependencies. Either way, we can agree that a better implementation than a hackified oAuth is needed in the long run.

“I think it’d be really interesting if we could modify Persona for, say, decentralized app authentication”

No need to modify Persona: it just links your browser with your email, so on every website which supports it, you are logged in.