Closed Cantido closed 9 years ago
I don't have a preference on OpenID vs. Devise. For the MVP I wanted to get one login system done quickly, so I surveyed a bunch of writers to ask whether they'd prefer logging in with email vs. Facebook/Google etc., and about 70% listed email as a first choice, so I went with that. However, now that email signup/login is working, I'd love to get some oauth stuff going sometime as well.
Related: #72
I've done a lot of work in Devise over the past 4-5 months and now have a strong preference towards Devise. I'll probably get that cracking soon, hopefully.
Devise also has an omniauth module that'll allow openid/sso providers like Google/Facebook/etc login.
Rails 4 has secure password functionality built-in. We can also consider having this on the site. I do not know anything about Devise so I can't make a preference.
http://api.rubyonrails.org/classes/ActiveModel/SecurePassword.html
Just suggesting an external gem because it would be more robust than any authentication system we could write on our own. We have a lot of options. I was thinking OpenID, but if that's too big, Devise seems like a really popular choice.
Resources: