Add login authentication module

[vdubya]

Minimize friction to account creation. LinkedIn authentication particularly interesting due to professional networking emphasis. Other authentication methods are fine as well, whatever is easiest to implement with an existing Drupal module.

[jmerlan]

I tested this module a year ago and it wouldn't work. There have been some updates to Drupal so perhaps it will work now. I'll give it a shot and report back.

[jmerlan]

Still having issues: http://openrfa.org/admin/reports/event/402394

Error message: Notice: Trying to get property of non-object in _hybridauth_user_login_access_by_uid() (line 1170 of /home/openrfa/public_html/openrfa/sites/all/modules/hybridauth/hybridauth.module).

[vdubya]

Are there other authentication module options?

[vdubya]

@jmerlan Maybe you could give this GitHub authentication module a try? https://www.drupal.org/project/github_connect

[jmerlan]

I don't think most of our users have a GitHub account. Let me try out Google/Twitter/Facebook and see if I can at least get those to work. I've gotten them to work in the past.

[vdubya]

I agree that most of our users probably don’t have a github account but I think we REALLY want to encourage it. Plus if we were able to get github and LinkedIn it would be a really good way to reduce spambots.

[jmerlan]

I have the OneAll module that works installed to the dev site. @vdubya, please test it and I can roll it out to the production site. There are several social media sites that it supports, but I've only enable LinkedIn and GitHub for now.

[vdubya]

@jmerlan Tested, works and looks fantastic!! Feedback:

• [x] Might be good to configure using an admin account instead of jmerlan so it looks more official. (see pic below)
• [x] Is there a way to merge or associate existing accounts to github/linkedin logins? Also between github and linkedin logins so you didn't have to have two accounts or remember which one you logged in with originally? I could certainly imagine the challenges with that, but
• [x] Still requires a password for account creation, is it possible to configure to omit?
• [x] Minor suggestion to put "(highly recommended)" after "Login with:" and "Instantly register with:" as this would be a very good way for us to cut down on user account creation moderation time. Clearly not flawless but much better than just email verification. Anything we can do to encourage this as the preferred option will help us long term; it is also good to encourage github accounts to encourage open source participation.
• [x] Verified that it does not allow >1 openrfa account for 1 email address, good!

[jmerlan]

@vdubya It appears as though you can't request authorization from an organization: https://stackoverflow.com/questions/31159275/how-do-i-generate-the-github-oauth-token-for-organization-accounts

Can you confirm? Should we create a dummy Github users that is called OSAIC or something?

[vdubya]

@jmerlan Yes, a machine account would be good, probably one specifically called OpenRFA would be the most identifiable (or OpenRFA-bot, OpenRFA-Admin, or something).

[jmerlan]

Thanks for the link. I'll set that up. I'm thinking we name it after OSAIC so that it can be the machine account for the entire organization.

[vdubya]

Closing because I think it is good for v1 implementation, and we can focus on the account merging/association question as a separate issue. Of course reopen if you disagree!