Wed 12 Feb 2014 5:42PM

Diaspora* authenticate

DU [deactivated account] Public Seen by 76

Hello guys, there is many usefull (IMO) things such as "Login with Facebook", "Login with Twitter" an some others.
Will diaspora have this feature?
I vote for it, this will be famous and it can be integrated for example there: http://everyauth.com/

After this many users can be logged on applications with own diaspora* account.


David Morley Wed 12 Feb 2014 5:50PM

I am guessing the community will be opposed to this since most of the sites listed are "evil", however I think it would be a positive and help adoption rates. Too bad things like OpenID never really made it, that would be ideal.


[deactivated account] Wed 12 Feb 2014 5:59PM

I really haven't any bad suggestion on this idea.
Ok, you can sad Facebook is evil, but is there reason to absolutely deny this idea?
There is many positives.


Ravenbird Wed 12 Feb 2014 6:39PM

I prefer a universal ID for the whole diaspora network, which you can login to your account on every server. I don't like real e-mail adresses for this. And then the other Problem. Wenn two users use the same callname, you have to show the users e-mail adress too, or there will be many confusions. That will be no problem with a
unique diaspora ID.


Sean Tilley Wed 12 Feb 2014 6:51PM

This is something that technically can be done, in fact Diaspora used to be an OAuth2 provider. We've had discussions on Loomio about going with either OAuth, OpenID, or something else altogether.


Seth Martin Wed 12 Feb 2014 7:56PM

If I see another “Login with Facebook” or “Login with Twitter” button, I think I might vomit.


Vostok Wed 12 Feb 2014 11:40PM

Me too @sethmartin , that's disgusting.
By having this option for diaspora* certainly would rise its number of users quickly, but in some cases (login to some evil sites) maybe doesn't worth for diaspora* to be there.
That's the point: how many pros and cons diaspora* would get by enabling a feature like that? A mapping of this (and the voting of course) would tell what to do next.


Airon90 Thu 13 Feb 2014 12:15AM

What about Persona?


faust twi Thu 13 Feb 2014 2:22AM

login with diaspora? that would be cool


theradialactive Thu 13 Feb 2014 3:37PM

I really dont' think, that we need that. Like Michael Moroni said, I would prefer persona. There are so many providers like Google, Facebook, Twitter, OpenID (and then Persona). Why should we build another one?

Maybe we should just implement Persona to the diaspora login. That would be awesome.


Michael Engelhardt Thu 13 Feb 2014 4:29PM

Would love to see personal support on diaspora*.


[deactivated account] Thu 13 Feb 2014 6:51PM

In all means the Persona and "Login with diaspora*" are two different things.
The real issue start with username:
I want login with username@server.tld on any diaspora supported server not only one.
Then why don't add abbility login on other sites?
The site can choose by using and don't use this possibility.
The sites have choises.
I do many sites and I haven't on any facebook login, but on other site write me users, then want this feature and I add it there.
This is not only me personal problem, this can be very good abillity for many users.
Maybe the facebook can be changed to diaspora. I think this would be nice jump.


[deactivated account] Fri 14 Feb 2014 3:51PM

To log in on any pod would require your user account details (and the millions(?) of other users account details) to be federated and stored on every single pod across the world. Most pods won’t have the spec to hold account details for that many users. But that detracts from the original topic.

I too would like to see “Log in via” type auth methods on D*. I’ve added these two auth methods to sites in the past (ASP.NET, not RoR) and I see no reason why they couldn’t be implemented on D* as you only need to store four values to confirm an identity:

Twitter User ID
Twitter Screen Name
OAuth Token
OAuth Secret

Same principal with Facebook, there’s a UID, First Name, Last Name, AccessToken.

Other questions need to be asked though, such as what return on investment would D* receive for implementing these alternative auth methods? Or how high/low in the development priority list would this feature request sit?


Ryuno-Ki Fri 14 Feb 2014 6:45PM

Can someone gather the API constraints of the mentioned log in techniques? This way, we can compare them.

For example, I could image, that Facebook tracks user with their login offer … (not proved).


[deactivated account] Sun 16 Feb 2014 3:32PM

@rich1 I agree with second point but not first one.
Why is needed stored all data on secondary pod?
When we say about decentralized system, the pods can communicate between each other.
I think the idea about decentralization is still there.
I really don't see any need to store duplicated data. Maybe when we say about CDN but this is other thema.