-
-
Notifications
You must be signed in to change notification settings - Fork 7.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add oauth2 social login option #29
Comments
Excellent suggestion — we originally kicked the idea around of having oAuth as part of the core spec but decided against it to try and cut scope creep. oAuth implementations can vary between providers, frameworks, etc so broad support across all stacks would likely have been sufficiently difficult to create & maintain. That said, I think a good solution to this might be encouraging folks to fork the existing repo's and add on additional functionality (in this case oAuth, but #26 would also benefit from something like this). We can still list them in the main readme, but they could (& should) be maintained as separate repos (unless we end up changing the core spec to include oAuth, image uploading, etc). Would love to hear thoughts on this! |
My 50 cents: social login is very common task for real life apps. Login with facebook, google, instagram at least. Specs for my social apps are:
upd: related tasks:
|
@EricSimons I'm guessing this isn't something we want to support in the core spec per the discussion in issue #90? |
@Cameron-C-Chapman : imho, nope. Social login is complicated separate feature set. One more idea: we can extend API spec via versioning, and add some "addons" to spec, like, social logins. So, backend implementing this "addon" can use /v1-social/api" endpoint, not plain "/api". Next version of core spec can be "/v2/api". Maybe we can think on semver for spec. |
@Cameron-C-Chapman yeah, social login would def fall into the "extra credit" category @deksden I like the idea of potentially extending the spec via semver in the future 👍 probably will be a while before we create additional specs, but if/when we do, that seems like a great solution! |
@EricSimons i think we need to finalise the the v1 of the spec and tag it before we even think about extending it. This will help prevent a lot of confusion and mess with all the other developers given the number of codebase we have growing. |
I love that you included JWT for authentication, but I think that it will be very instructive to also add the option to log in using common oAuth2 providers, like github or facebook. This is a common issue we have when developing a fullstack app, and some examples of this would be greatly appreciated.
The text was updated successfully, but these errors were encountered: