Labs/Weave/Identity/Account Manager/Spec/Latest: Difference between revisions

Line 145: Line 145:
The Username-Password Form Profile is used for domains that maintain user records keyed on username, with a single password used as the credential for access.  The profile is appropriate for domains that are keyed on unique user identifiers other than free-form passwords; in particular, it is appropriate for an email-address-and-password domain.
The Username-Password Form Profile is used for domains that maintain user records keyed on username, with a single password used as the credential for access.  The profile is appropriate for domains that are keyed on unique user identifiers other than free-form passwords; in particular, it is appropriate for an email-address-and-password domain.


The profile name identifier for the Username-Password Form Profile is "username-password-form".
The profile name identifier for the Username-Password Form Profile is <tt>username-password-form</tt>.


The methods defined by the profile are:
The methods allowed in this profile are <tt>connect</tt>, <tt>disconnect</tt>, <tt>register</tt>, <tt>changepassword</tt>, <tt>sessionstatus</tt>, <tt>accountstatus</tt>.  See the sections below for a definition of each method.


=== connect ===
=== connect ===
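Review bot: The unchanged opening paragraph of this hunk says the profile suits domains "keyed on unique user identifiers other than free-form passwords", which reads as if "usernames" was intended, since a password is the credential and not an identifier; worth confirming while this section is being revised. In the new methods sentence, <tt>register</tt> is listed and readers are sent to "the sections below", so linking each of the six names to its section heading would make a missing definition obvious.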
Line 153: Line 153:
Used to establish a user session with the domain.  In common usage, submitting the request to the defined endpoint will cause a cookie to be set on the user-agent.
Used to establish a user session with the domain.  In common usage, submitting the request to the defined endpoint will cause a cookie to be set on the user-agent.


Properties:
;Required properties
* params:
** <tt>username:</tt> Parameter name for the user's username.
** <tt>password:</tt> Parameter name for the user's password.


* params: required
;Optional properties
** username: Parameter name for the user's username. required
* <tt>onsuccess: ''status-action''</tt>
** password: Parameter name for the user's password. required
* <tt>onfailure: ''status-action''</tt>
* onsuccess: status-action optional
* onfailure: status-action optional
 
response interpretation:


;Response interpretation
* The user-agent MUST verify the session status as specified in section 3.3.
* The user-agent MUST verify the session status as specified in section 3.3.
* If the status could not be determined or is not active, or in the event of any 4xx or 5xx response or transport-level error, the user-agent MUST execute the onfailure action if specified.  If not present, the user-agent SHOULD reload the current page.
* If the status could not be determined or is not active, or in the event of any 4xx or 5xx response or transport-level error, the user-agent MUST execute the onfailure action if specified.  If not present, the user-agent SHOULD reload the current page.
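Review bot: In the new Required properties list for connect, <tt>params:</tt> has no description and no tt markup, unlike the <tt>username:</tt> and <tt>password:</tt> entries nested under it, so it is unclear whether it is a property in its own right or only a grouping label. Add a one-line description of what <tt>params</tt> holds, and move the colon outside the tags (<tt>username</tt>: rather than <tt>username:</tt>) so the colon does not read as part of the property name.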
Line 171: Line 171:
Terminates an existing user session with the domain.  In common usage, submitting the request to the defined endpoint will cause a cookie to be cleared on the user-agent.
Terminates an existing user session with the domain.  In common usage, submitting the request to the defined endpoint will cause a cookie to be cleared on the user-agent.


Properties:
;Required properties
 
:None.
* onsuccess: status-action optional
* onfailure: status-action optional
 


response interpretation:
;Optional properties
* <tt>onsuccess: ''status-action''</tt>
* <tt>onfailure: ''status-action''</tt>


;Response interpretation
* The user-agent MUST verify the session status as specified in section 3.3.
* The user-agent MUST verify the session status as specified in section 3.3.
* If the status could not be determined or is not none, or in the event of any 4xx or 5xx response or transport-level error, the user-agent MUST execute the onfailure action if specified.  If not present, the user-agent SHOULD reload the current page.
* If the status could not be determined or is not none, or in the event of any 4xx or 5xx response or transport-level error, the user-agent MUST execute the onfailure action if specified.  If not present, the user-agent SHOULD reload the current page.
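Review bot: The failure bullet for disconnect tests whether the status "is not none", where none appears to be a session status value and not the English word; the same holds for "is not active" under connect. This revision already introduces tt markup for literals, so mark the status values the same way (<tt>none</tt>, <tt>active</tt>) so the condition cannot be misread.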
Line 189: Line 189:
Used to change the password associated with a username.
Used to change the password associated with a username.


Properties:
;Required properties
* <tt>username:</tt> Parameter name for the username.
* <tt>old_password:</tt> Parameter name for the old password.
* <tt>new_password:</tt> Parameter name for the new password.


* username: Parameter name for the username.
;Optional properties
* old_password: Parameter name for the old password.
* <tt>new_password_verify:</tt> If present, the new password will also be submitted using this parameter name.
* new_password: Parameter name for the new password.
 
* new_password_verify: If present, the new password will also be submitted using this parameter name. optional
;Response interpretation
(fixme)


=== sessionstatus ===
=== sessionstatus ===
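Review bot: The new Response interpretation for changepassword is only "(fixme)", so a user-agent has no rule for telling a successful password change from a failed one, and unlike connect and disconnect the Optional properties list offers no <tt>onsuccess</tt> or <tt>onfailure</tt> action. Define the handling for 2xx, 4xx/5xx and transport-level errors as the other methods do, or state in the text that the method is incomplete. The three required parameter names are also listed at top level here, while connect nests them under <tt>params:</tt>; pick one layout for both.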
Line 200: Line 204:
Defines a way for a user-agent to determine its current session status.
Defines a way for a user-agent to determine its current session status.


Properties:
;Required properties
:None.


* onfailure: status-action optional
;Optional properties
 
* <tt>onfailure: ''status-action''</tt>
 
response interpretation:


;Response interpretation
* The user-agent MUST verify the session status as specified in section 3.3.
* The user-agent MUST verify the session status as specified in section 3.3.
* If the status could not be determined, or in the event of any 4xx or 5xx response or transport-level error, the user-agent MUST execute the onfailure action if specified.  If not present, the user-agent SHOULD reload the current page. Regardless of the onfailure action, the user-agent SHOULD act as though the user is not logged in, but MAY, if it has a mechanism for doing so, indicate that the user's session status is in an error state.
* If the status could not be determined, or in the event of any 4xx or 5xx response or transport-level error, the user-agent MUST execute the onfailure action if specified.  If not present, the user-agent SHOULD reload the current page. Regardless of the onfailure action, the user-agent SHOULD act as though the user is not logged in, but MAY, if it has a mechanism for doing so, indicate that the user's session status is in an error state.
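Review bot: The Response interpretation for sessionstatus defers to "section 3.3" by bare number, and this is the method whose whole purpose is determining session status, so a renumbered section leaves it undefined. Replace the number with a link to the section's heading anchor, here and in the connect and disconnect bullets that carry the same reference.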
Line 214: Line 218:
Defines an endpoint used by the user-agent to retrieve the status of the account bound to the current session.  The user-agent SHOULD NOT invoke the accountstatus method until it has successfully executed a connect method.
Defines an endpoint used by the user-agent to retrieve the status of the account bound to the current session.  The user-agent SHOULD NOT invoke the accountstatus method until it has successfully executed a connect method.


Properties:
;Required properties
None
:None
 
;Optional properties
:None


response interpretation:
;Response interpretation
A 2xx response may be interpreted by the user-agent by following the Data Identifiers in Content rules (section 7.1) described below.  Any 4xx or 5xx response will be interpreted as an error.
A 2xx response may be interpreted by the user-agent by following the Data Identifiers in Content rules (section 7.1) described below.  Any 4xx or 5xx response will be interpreted as an error.
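Review bot: The accountstatus Response interpretation stays a single paragraph with lower-case "may" and "will", and it covers only 2xx, 4xx and 5xx responses, whereas connect, disconnect and sessionstatus in this revision also name transport-level errors and use MUST/SHOULD. Convert it to bullets in the same form and state what the user-agent does on a transport-level error. The new <tt>:None</tt> entries here also lack the full stop used in <tt>:None.</tt> under disconnect and sessionstatus.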

