Improve username / auth key pair process for non-techies

[MatthewEppelsheimer]

Current process:

The current process may seem straightforward, but it requires some knowledge we developer-types take for granted that is certain to lose some folks. It also requires some manual steps that could be easily automated.

0. Log in to Beeminder.com
1. Visit https://www.beeminder.com/api/v1/auth_token.json
2. Identify the auth_token key's value, and copy just that part
3. Within your WordPress dashboard, navigate to Settings > Beeminder
4. Paste the key into the Beeminder API field

(Step 2 is where we lose some non-technical people.)

Proposed process:

The goal here is to automate as much as possible, and minimize what the user has to do.

0. Log into Beeminder.com
1. Within your WordPress dashboard, if you haven't already gone through this process, then you're prompted to visit the Settings > Beeminder page with an admin message
2. When you visit the Settings > Beeminder page, if you haven't already gone through this process,
   • THEN, if you're logged into Beeminder.com (because you didn't skip step 0):
     • THEN: WP automatically fetches (curl essentially, but we'll actually use WordPress' "HTTP API") the username & key and sets it for you via AJAX. If you skipped Step 0, UI prompts you to login and refresh the page.
     • ELSE: You're prompted to log in to Beeminder.com and then refresh
3. See a message saying you're set up successfully as username [username].

Thoughts / questions:

• Is there any reason not to just hide the auth key itself? Maybe hide it by default, but expose a button that reveals user & auth key fields you can view & edit.

[dreeves]

We might need @bsoule's help thinking this through more carefully but isn't oauth the right way to automate this? Ie, in the Beeminder API docs, skip the "personal auth" section -- what the current process uses -- and instead use this: http://api.beeminder.com/#client-oauth-oauth