Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auto-register users and populate their attributes via LDAP durning authentication #43

Closed
phebal opened this issue Jul 2, 2018 · 1 comment
Closed

Auto-register users and populate their attributes via LDAP durning authentication #43

phebal opened this issue Jul 2, 2018 · 1 comment
Milestone
Open Access Week ...

Comments

@phebal
Copy link
Contributor

phebal commented Jul 2, 2018
edited
Loading

I don't think we need to store users' NetID in db, but maybe we should? I can use the email from LDAP to find the user in the database. However we'd need to disallow setting custom emails in user profile (obvious security hole.) What do you think @fenekku?

Auto-verify user's email.

Part of #1
@phebal phebal added this to the Sprint 1 - Basic deployed repo milestone Jul 2, 2018
@phebal phebal self-assigned this Jul 2, 2018
@phebal phebal mentioned this issue Jul 2, 2018
Closed
5 tasks
@fenekku
Copy link
Collaborator

fenekku commented Jul 6, 2018

NetIds are specific to Northwestern University, right? So I am not a big fan of storing them in our own database/creating a special use case unless there is a clear way to make this generalizable to everyone or it is a custom extension.

On the security implications, if we enforce email verification i.e. the user changes his/her email, we send them a verification token at their new address and they must click on it before we link them to their Netid or what have you, would that work?

@phebal phebal closed this as completed Oct 19, 2018
@saragon02 saragon02 mentioned this issue Jul 25, 2019
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Open Access Week 2018
Development

No branches or pull requests
2 participants
@fenekku @phebal