Priorities for adding OpenID support

Eventually, nearly all web apps will likely support OpenID in some form. But — here in the early days — what web applications are most in need of OpenID?

Apps where identity is important — you want to track several pieces of data back to a known identity, or allow an identity to come back and update their own data. Combine that with web apps where many users contribute, but might only come back irregularly, and you have the sweet spot. Prime examples would be wikis, forums, and blogs.

I had an interesting Skype-to-Europe call with Frank, who is working on some OpenID stuff for Mephisto, about how this relates to that project.

Blogs have two distinct sets of users: the blog owners, and those posting comments. Mephisto does not have a single, unified “user” to manage both. Blog owners log in to post and administer the blog, while comments just store the name, email, and ip of the commenter directly in the comment table — there is no login per-se.

So there’s a bit of a mismatch right now: Mephisto doesn’t really have the architecture in place (e.g. login for submitting comments) where OpenID support would be most useful. This leads to things like Justin’s OpenID consumer plug-in port to mephisto — it calls the OpenID libraries, but then mearly dumps the user’s email & name (from SRE) into the comment. You can’t re-login and go back to find and modify one of your prior comments, because Mephisto isn’t really using OpenID to know it’s “you” yet. So it only saves you some typing, and not much at that.

But adding OpenID support for admin login, while nice, wouldn’t be where the greatest need is.

This creates an issue for the upcoming screencast, since it needs to focus on OpenID without getting into more complex distractions (like fleshing out new blog comment functionality). That, and also Mephisto’s authors are trying to avoid adding any complexity to the trunk right now. The focus is on stabilizing, since you pretty much need to be on trunk to have it work out of the box (0.7.3 is getting quite old, and doesn’t work without some small updates from trunk). Mephisto needs some more time to bake before adding OpenID will be completely smooth.

What all this adds up to, is Mephisto is not a good match for the screencast. But I’ve got a set of smaller Rails-based app or app porting ideas which would. Hopefully they’ll be both interesting on their own, and very clear examples of Rails implementations where OpenID is most useful.

Post a Comment
(Never published)