Confirmed users
188
edits
Services/Sync/WEP/110: Difference between revisions
no edit summary
(Created page with '{{draft}} == WEP 110 - Site Auto-registration and Password Change == *Status: Draft *Created: 28 Oct 2009 *Reference Implementation: None *WEP Index =…') |
No edit summary |
||
| Line 11: | Line 11: | ||
As part of the [https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager Weave Identity] extension, we should support auto-registration of user accounts at websites and also manage passwords on behalf of the user. This WEP tackles the specific issue of the metadata that a site must provide to Weave in order to enable these features. | As part of the [https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager Weave Identity] extension, we should support auto-registration of user accounts at websites and also manage passwords on behalf of the user. This WEP tackles the specific issue of the metadata that a site must provide to Weave in order to enable these features. | ||
=== Metadata === | === Metadata === | ||
Websites should include a <link rel> tag on every page that requires the presence of an identity (pages behind authentication, or registration pages) | Websites should include a <link rel> tag on every page that requires the presence of an identity (pages behind authentication, or registration pages). | ||
<link rel="identity" href="/identity.json" /> | <link rel="identity" href="/identity.json" /> | ||
| Line 35: | Line 23: | ||
The <tt>href</tt> attribute of the identity <tt><link rel></tt> should point to a JSON file that describes the interface the website provides to auto-register accounts and manage them. The format of the JSON file is described in this section. The JSON file must be present on the same domain as the web page that pointed to it, or could alternatively be a chrome URI. | The <tt>href</tt> attribute of the identity <tt><link rel></tt> should point to a JSON file that describes the interface the website provides to auto-register accounts and manage them. The format of the JSON file is described in this section. The JSON file must be present on the same domain as the web page that pointed to it, or could alternatively be a chrome URI. | ||
{ | |||
domain: "http://example.org/", | |||
methods: | |||
{ | |||
"register": | |||
{ | |||
path: "/register", | |||
method: "POST", | |||
params: | |||
{ | |||
userName: "name_field", | |||
givenName: "first_name_field", | |||
familyName: "last_name_field", | |||
emailHome: "email_field", | |||
password: ["pw_field", "pw_field2"] | |||
} | |||
}, | |||
"login": | |||
{ | |||
}, | |||
"password": | |||
{ | |||
} | |||
} | |||
} | |||
=== Function === | |||
When Weave detects the presence of an identity tag, it will act as follows: | |||
* If the user is currently not logged in: | |||
** If there is an identity in local store corresponding to the current domain: | |||
*** Offer the user to login with that identity (or) auto-login | |||
** If there is no identity associated with the domain: | |||
*** Offer the user to auto-register with the site using a particular local identity | |||
* If the user is logged in: | |||
** Show a small UI element (key in the address bar as we did with the Weave auto-login feature?) that allows the user to log out or switch identities on the current domain. | |||