User registration using social network and Google #173
Labels
blender
This issue involves the Blender add-on or worker script
bounty 120
This issue is part of BitWrk's Bount Hunt program. See http://bitwrk.net/bounty
client
This issue involves the BitWrk client software
enhancement
Go
This issue requires skills in the Go programming language
help wanted
HTML+JS
This issue requires skill in HTML and JavaScript
MVP
server
This issue involves the central BitWrk service
Milestone
Users should register in order to be eligible to redeem coupons. Therefore, associating a user with a social network ID should be mandatory.
User registration is helpful in preventing people from creating a lot of fake accounts and redeeming coupons on those. Also, user registration could provide a means for recovering a lost private key (or better: serve as an alternative authentication method).
Q: How would the BitWrk client request an authorization token?
A: Suggested API: BiTWrk client would POST to /authtoken, provide signature(nonce|participantid)
Q: How would the authorization token become a cooke for domain bitwrk.appspot.com?
A: Suggested solution like in this StackOverflow answer:
<img>
in the BitWrk client's UI that has the auth token in its URLIn both cases, query parameters would be used to communicate an authentication token. The BitWrk service would then validate the received token and, if validation was successful, set the corresponding cookie. Care must be taken not to leak the auth token in referer URLs.
The text was updated successfully, but these errors were encountered: