Closed r4dh4l closed 2 years ago
Invitation links to private rooms for guests is a separate thing, which ILAG never provided. I've filed https://github.com/vector-im/riot-web/issues/12939 for that.
Thx @ara4n for reporting back here. I took :tada: with :confused: because :tada: would provide us at least somehow a guest access we really need. But I think we all know that the original guest access/ILAG was not designed very well. Guest users need to know that they are guest users! What about the initial idea of a @guest<RandomGenerated40bitHexKey>_CustomPart:example.com
MXID?
I'd like one-click creation of throwaway accounts which are clearly marked as such, just like @r4dh4l (and the issue description) says. I don't care whether they can be converted into real accounts later, chat history has little value. What has a lot of value is being able to provide users with a one-click communication channel for getting help, without them having to get through a registration process. That means there is no way to notify them about replies once they close the browser, but I could live with that.
This feature must already exist in some form because some Matrix servers support it for some rooms (compare https://riot.im/app/#/room/#tarsalgo:grin.hu with https://riot.grin.hu/#/room/#tarsalgo:grin.hu in an incognito window, for example - the first gives you a login bar, the second just drops you into a guest account) - not sure if that's the ILAG feature and that server is using an older riot version, or something different. But that's pretty much what I'd like to see.
An alternative approach would be to make registration very easy - a one-click Google / Facebook login, maybe.
I've noticed bot accounts have a special flag of some sort (I searched the spec, couldn't find anything on it); can't guest users be granted a similar flag? I wouldn't be opposed to them being excluded from things like room counts, etc., but really hankering to get this feature back.
Just a few examples of “no sign in” UX: https://www.skype.com/en/free-conference-call/ https://meet.jit.si https://sketchtogether.com
@martindale bots have no special flag, the only two user types in Matrix are users and guests, bots can be either.
I was enthusiastic today when I found out that I can invite somebody by e-mail. But I was shocked to see that registration is required for guests.
I could have provided a secure, self-hosted solution for family and friends. Unfortunately, I do not know a single person who fancys account registration for guests.
@martindale bots have no special flag, the only two user types in Matrix are users and guests, bots can be either.
How are bot messages differentiated then? Is this just a flag on the message type? Can guest users have their messages with a similar flag?
They aren't differentiated. Some bots opt to send m.notice
events instead of m.text
events.
I was advised by Matrix staff that bots are recommended to send m.notice
events. In any case, maybe a m.guest
event is warranted for Guest messages?
After much searching, I found the commit which theoretically could be reversed to re-enable ILAG:
31ae35771dcf019f3a304c7e04b2f3bc6b3b9b55
(accompanying PR vector-im/element-web#2536)I'll give this a shot and report back within the week.
Hi Martin, so what's your result?
After much searching, I found the commit which theoretically could be reversed to re-enable ILAG:
31ae35771dcf019f3a304c7e04b2f3bc6b3b9b55
(accompanying PR vector-im/element-web#2536) I'll give this a shot and report back within the week.Hi Martin, so what's your result?
No luck, seems there were a lot of other changes that I've been unable to track down.
The FAQ says, it is still possible.
How can I invite a contact to use Riot? You can invite a contact by email or by sending them a link to a room: by clicking on the link they will be able to join without even registering, if the room allows it.
That should be changed then.
Any update on guest user access? There seems to have been a lot of activity here which just totally died down a month or two ago..
Nope, any and all activity would be here
In fact, guests can join rooms, only the button is hidden three clicks away, in the "Expore rooms" window. Copy it to the bottom bar in the room preview, maybe?
In fact, guests can join rooms, only the button is hidden three clicks away, in the "Expore rooms" window. Copy it to the bottom bar in the room preview, maybe?
What do you mean ? How can I join a room as a guest please ?
In fact, guests can join rooms, only the button is hidden three clicks away, in the "Expore rooms" window. Copy it to the bottom bar in the room preview, maybe?
What do you mean ? How can I join a room as a guest please ?
Edit: switched to light theme.
The "Explore rooms" button is also present on the welcome page, guests can join from it as well ( yourserver.com/#/directory ). The only confusing thing here is absence of the "Join" button in room preview.
You mean this page ?
You have to enable guest access first.
"disable_guests": false,
in config.json (element-web)
allow_guest_access: true
in homeserver.yaml (Synapse)
After that, another button, opening room list, will appear:
Guest access must be enabled in each specific room as well.
Thank you! Any other option I have to set to federate my public rooms ?
Thank you! Any other option I have to set to federate my public rooms ?
allow_public_rooms_over_federation: true
(this is unrelated to the issue, though)
Just one question coming from the matrix-doc on guest_access: https://github.com/matrix-org/matrix-doc/blob/master/specification/modules/guest_access.rst#post-matrix-client-%CLIENT_MAJOR_VERSION%-register
So previously chatting as guest in Riot was not implemented using the following?
PUT /rooms/:room_id/send/m.room.message/:txn_id
But theoretically it is possible to get guests to send messages if we make this API call?
i have read the discussion and if there is no architectural problem i think having guest users who can read/write without registration is really good (obviously this with the usual good policies of letting set this permissions individually in the server/room settings).
If the problem is just that it could be risky because the Nick could be reassigned to someone else once expired, I think it would be enough to warn everytime when you start to chat with him that the user is not trustable because it is an unregistered temporary user (you can distinguish guest with special Id option and also highlight this in the client prepend their nickname with something recognizable and a different color, if you make the distinction between normal user and guest also the problem that it is not possible to register anymore the nickname because you forgot your password disappear). Moreover you could record the last expiration date of the temporary nickname and notify it if someone starts talking to a user who has expired in the meantime (example: "the username has expired and has been reassigned since the last conversation"). But you can also do not permit reassign of guest nickname if it is more reliable system.
I think it's nice that the Matrix provides us with the tools to protect our privacy but that it doesn't inhibit useful functions with the excuse of protecting us from possible stupid actions of the users.
i had a play with this at https://github.com/matrix-org/matrix-react-sdk/compare/matthew/ilag; looks like it's easier than I expected; we're working on the designs currently.
Hi! Any updates on this? Or is there a different Issue for that?
Thanks for the great work!!
Hi! Any updates on this? Or is there a different Issue for that?
The feature is currently on the roadmap in the "later" section under the name "Incremental Signup".
It was also mentioned in a blog post, that it may come in 2021.
Incremental Signup - Once upon a time, Element (Riot) had the ability to gradually sign-up without the user even really realising they’d signed up. We want to bring it back - perhaps this will be the year?
Ok I hope is what I was talking about (coming from another locked issue), like sharing such a room https://chat.trom.tf/#/room/#chat:matrix.trom.tf that is public, and be able to access it by anyone. On the web. No need to open in another app. We had that with NextCloud Talk https://www.drive.tromsite.com/call/j44iod3w and worked wonders and was super useful. That's what I was talking about at https://github.com/vector-im/element-web/issues/18191
Will keep an eye on this issue then.
Our friends from Guardian Project created a client called Convene which supports incremental sign-up. New accounts are created automatically and you can set a password if you plan to reuse it later. There is a demo.
Are there other (web-)clients that support this? FluffyChat currently doesn't.
Matthew mentioned in this years roundup blog-post that some new clients support it.
In practice, the only things from the list we haven’t got to [in 2021] are [...] and restoring incremental sign-up (although our new clients have it!).
@hex-m does this create users which usernames are simply @guest1234...
and such? Or did you (somehow) implement a stage where a user can choose their own username, somewhere along the way?
Also, IIRC, this feature was blocked exactly because of that problem, where users weren't able to change up their username down the line, and it creating a unpleasant situation. The solution feeling I got was simply to wait for seamless user migration capabilities (such as MSC1228) before going ahead with this, and that it stagnated on that blocker. (Though please correct me if I'm wrong)
According to my tests you get a randomly generated user-id on their server. Those are technically not guest accounts - at least the rooms are not configured to "allow guest access".
To answer my own question: Cactus Comments is a web-client that supports guest access.
That "solutiion" requires you to host a web application. This functionality should be built natively into https://app.element.io/.
This would have been a really nice feature to have yesterday. When Slack went down a user asked me about alternatives for the team. I always recommend Matrix via Element, but getting the other team members to create a Matrix account and figure out the nomenclature and semantics of Matrix usernames and how to add them to a room for temporary usage during the time that Slack was down was a pain point.
Quite honestly, this is the reason why I've installed my XMPP (Prosody) back after 10+ years, to set up anonymous/guest access.
As much as I like Matrix, it's not the end-all-be-all. I became active again on XMPP federated networks, and have seen that after 10+ years, Prosody have evolved a lot as well.
If you really need a self-hosted anonymous/guest room, I think XMPP is your best bet. There is even converse.js for it as a web client. See it in action on https://chat.prosody.im/
@karolyi Thanks for mentioning that alternative. The thing is, personally I need (and most non-technical users also need) a hosted solution, especially for the temporary usage scenario that I mentioned when a primary service goes down for a few hours, and there's no time or justification for setting up a self-hosted solution. (Of course I fully support self-hosted services and I don't understand why more companies and organizations don't have backup or even primary self-hosted open source communication platforms instead of being at the mercy of the mega commercial services.) In the case I mentioned yesterday, Element / Matrix just had too high of barrier to entry and the team didn't use it as far as I know. Back when guest users were allowed in Riot / Matrix it would have been a piece of cake to temporarily switch to it.
@geckolinux I'm really unaffiliated, but if you need a hosted XMPP service: https://snikket.org/hosting/
Here is my usecase and why better guest users UX would help me: My company offers a few services (mail, webdav, caldav, carddav, and synapse/element) for a small price. We use an OpenID Connect server to centralize all our users, so there is no "real" user on synapse. Our users are mainly non tech smartphone users. Our users can communicate with themselves, and this part is good. We would love to suggest them to replace whatsapp and other IM applications with element, so they can chat with their families, friends etc. For now this is way too complicated for us to generate usage on this front.
In an ideal world, only registered users would be able to create rooms, but anyone could join a room with an invitation link. People would tell their folks to install element on their smartphone, then send invitation links by sms/mail/whatsapp.... A tap on the link this would automatically open the element application and join the room. If this is the first time the user launches the application, their name would be asked for. Now the delicate part would probably be to upgrade the user. As we only use a SSO, that would mean redirect the user to our OIDC server registration page. So how would the newly created SSO account would match the old guest account? The only easy way I can think of would be to ask the guest users for an email or a phone number, or be sure the registration process redirects to the matrix app in the end.
We would be willing to pay a few hundred euros for this feature.
While I don't have an update on full ILAG support, we are looking at ways to make the guest experience customisable. Stay tuned, and hopefully it'll cover some/all of the usecases here.
@turt2live Any news on this?
From my experience, guest users can only read rooms in which history is readable by anyone. In order to read/write in a room, this room should be listed in auto_join_rooms If I'm right, at least the description "participate" of synapse config allow_guest_access is wrong.
# Allows users to register as guests without a password/email/etc, and
# participate in rooms hosted on this server which have been made
# accessible to anonymous users.
#
allow_guest_access: true
How can I set a room read/write by guest user without having this room auto-joined by all instance users? (auto_join_rooms empty)
At the moment there's no real update on this - we're still going ahead with a module sort of setup for simple ILAG things, but at the moment Element Web doesn't formally support guests being able to write to rooms.
Getting support for certain features is best done in the support rooms. For synapse, that is #synapse:matrix.org on Matrix.
For what it's worth, it appears the new P2P call.element.io does produce some kind of random matrix User Identifiers when logging in with a chosen Display Name, and does not require a password to join. Is this eventually related?
it's a similar process to what ILAG would do, but it's a different project.
What a pity. It exactly does what we expect here:
But good to know developers are aware of each other.
And to continue from examples in the nearest neighbourhood of the ecosystem, https://github.com/vector-im/chatterbox also implements token-based "behind-the-scenes" registration/provisioning of (transient? / temporary?) user accounts for external visitors.
Moving this issue to discussions in Element meta as we need to make a cross platform decision on how to proceed :+1:
Hmm, looks like there's a bug with transferring issues right now. This URL should now automatically redirect to the discussion! I've reported the issue to GitHub.
Please follow the issue and continue any discussions at the link above
Don't worry, it's not a bug. The redirect works perfectly for the originating issue 727 in meta, but not for this one in web.
Description
I already mentioned this in https://github.com/vector-im/riot-web/issues/8808#issuecomment-465797492 but maybe the issue topic is not emphasizing my point:
Before Riot 1.0 it was possible to join a room without creating an account. Yes, choosing a user name was actually technically creating an account on the according home server but in perspective of the user it was a way to join a conversation without the registration procedure. This feature is very essential in my opinion because you could invite users on project pages to a project room without bothering them to create an account in the first place.
Steps to reproduce
After "Click here to join the discussion!" I would like to see a button "Join as guest" next to "Cancel", "Register" (and maybe "Join with existing Account"). Edit: After "Join as guest" there should be an input field with pre-generated username like
@guest_expiring2019-10-12_13-42-46_<CustomPart>:matrix.org
while only<CustomPart>
can be edited. This would mean:This way a guest account would clearly indicate that
it is a guest account
it is not possible to contact such an account after 2019-10-12 13:42:46
Platform: web
For the web app: