search

gbv / cocoda

A web-based tool for creating mappings between knowledge organization systems.
https://coli-conc.gbv.de/cocoda/
MIT License
39 stars 5 forks source link

Integrate login-server/client into Cocoda #273

Closed stefandesu closed 5 years ago

stefandesu commented 5 years ago

Continuation of #15.

login-server and login-client are almost ready to be integrated into Cocoda. There are a few remaining questions regarding this integration though:

  1. As I understand, we want to give the user a choice which URI to use when creating mappings. By default, it should probably be the login-server URI, but one could decide to use their ORCID iD or GitHub account instead. Is that correct?

  2. Should there still be a custom URI field when a user is not logged in, e.g. to be written into local mappings? (probably yes)

  3. Related to 2: Should there be an option to rewrite all local mappings with a new creator after logging into an account? (could just be integrated into the "Rewrite creator for all local mappings" button)

  4. Should there be an option for a logged in (and therefore authorized) user to remain anonymous by not providing a URI? (I'd say no, but not sure about this)

  5. Should all previously used login code (with credentials) be removed? (I'd say yes because it's harder to maintain, but we could keep supporting both types of authentication for backwards compatibility)

There will be probably even more questions after starting to integrate it into Cocoda.

@nichtich

nichtich commented 5 years ago
  1. Yes, user should be able to switch his identity URI selected from the URIs provided by login-server. I'm not sure which URI to use as "default". We better include a modal or text at the settings form with brief description of consequences:

Which identity should be stored with your mappings and annotations?

  • a third-party identity makes your contribution visibly connected to a public user profile
  • an internal identity URI provides some degree of anonymity

  1. Yes but only for local content when not logged in. This could be called "fallback identity"? There may be mismatch if user locally saves mappings both logged in and logged out, but that's what the function" "Rewrite creator for all local mappings" is for.

  2. Yes, there is one function "Rewrite creator for all local mappings". We might add warnings, hints or an option to always rewrite creator after login so users find this function.

  3. No, the jskos-server URI provides some anonymity.

  4. Yes! Code must be eliminated! Resistance is futile!

stefandesu commented 5 years ago

4. No, the jskos-server URI provides some anonymity.

That would only be the case if we decide to not show information publicly in login-server (see https://github.com/gbv/login-server/issues/15). So I guess we've decided?

nichtich commented 5 years ago

Yes, better set the default visibility to false.

stefandesu commented 5 years ago

I think the integration is done. Further adjustment should be their own issue.