Account Cards for Users
Idea
+issues
The support for authentication needs to be modularized and moved to cards plus plugins.
+solution
A large part is this is on the new_traits branch already. User model and users table is mediated by class methods in accounts.rb (currently in app/models, but likely to move). At this point it supports finding the user's authentication object (card.user on +*account cards) by email (and implicitely, by the account card and it's trunk, the "card with account", cannonnically a User card or WagnBot and Anonymous built-in cards). Current Wagn configuration is to only use email as the external key for accounts. This is how it will stay, and Wagn can be configured for other login keys (User name, etc.)
The bigger fish is alternative authentication providers, twitter, google, facebook, open-auth and so forth. The will have a greater variety of attributes and keys required and available.
We need to now bind everything through the account cards and factor out the special admin and account controllers. Patterns and sets related to the +*account cards will provide the additional and custom attributes for the particular auth providers.
It may make sense to use plugins that extend a new cardtype with its custom attributes and methods.
I think this means that the User model needs a cardtype, User is taken, so maybe WagnUser, or WagnAccount ?
+example
so for our current system we need:
email, crypted password, salt
for twitter we need:
handle
... and then... how does it work? we just need site-specific twitter details at that point? I assume we want to store that stuff in cards too?
consumer key / consumer secret
I suppose my sense is that a given card can have only one account, though it may have multiple sign-in methods. Is that what you're thinking?
if so, I think I would suggest that it should looks something like this:
Gerry+*account (perhaps the content of this card can be the account status? there will only be one status; if blocked, it's blocked for all signins)
Gerry+*email each account can only have one authoritative email, no?
Gerry+*twitter (via packs). content is handle, eg @ddenizen
Gerry+*openid (via packs). content is openid url.
And then, there is a root level
*twitter key
*twitter secret
What about openid? Gotta to be some extra info there somewhere, right? :)
+discussed in support tickets
+relevant user stories