[webteam] auth idea
Peter Saint-Andre
stpeter at stpeter.im
Mon Jan 28 14:48:37 CST 2008
At the last meeting we talked about website authentication. Here is the
general idea:
1. User visits www.jabber.org
2. There is a special authentication link, like this:
xmpp:auth at jabber.org?message;body=token
Where "auth at jabber.org" is the address for our special "AuthAgent".
3. User's Jabber client (or browser plugin?) sends XMPP message
containing token to AuthAgent.
4. AuthAgent receives XMPP message and passes it to Drupal, probably via
hook_auth, see:
http://mail.jabber.org/pipermail/webteam/2007-November/000609.html
5. Drupal reloads page (or some fancier Ajax function happens) and logs
in the user.
I think this is an accurate summary of the general idea, but correct me
if I'm wrong. See also this thread for related conversation:
http://mail.jabber.org/pipermail/standards/2008-January/017472.html
Peter
--
Peter Saint-Andre
https://stpeter.im/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/webteam/attachments/20080128/78ab2930/attachment.bin
More information about the webteam
mailing list