Closed stefandesu closed 5 years ago
Which identity should be stored with your mappings and annotations?
- a third-party identity makes your contribution visibly connected to a public user profile
- an internal identity URI provides some degree of anonymity
Yes but only for local content when not logged in. This could be called "fallback identity"? There may be mismatch if user locally saves mappings both logged in and logged out, but that's what the function" "Rewrite creator for all local mappings" is for.
Yes, there is one function "Rewrite creator for all local mappings". We might add warnings, hints or an option to always rewrite creator after login so users find this function.
No, the jskos-server URI provides some anonymity.
Yes! Code must be eliminated! Resistance is futile!
4. No, the jskos-server URI provides some anonymity.
That would only be the case if we decide to not show information publicly in login-server (see https://github.com/gbv/login-server/issues/15). So I guess we've decided?
Yes, better set the default visibility to false.
I think the integration is done. Further adjustment should be their own issue.
Continuation of #15.
login-server and login-client are almost ready to be integrated into Cocoda. There are a few remaining questions regarding this integration though:
As I understand, we want to give the user a choice which URI to use when creating mappings. By default, it should probably be the login-server URI, but one could decide to use their ORCID iD or GitHub account instead. Is that correct?
Should there still be a custom URI field when a user is not logged in, e.g. to be written into local mappings? (probably yes)
Related to 2: Should there be an option to rewrite all local mappings with a new creator after logging into an account? (could just be integrated into the "Rewrite creator for all local mappings" button)
Should there be an option for a logged in (and therefore authorized) user to remain anonymous by not providing a URI? (I'd say no, but not sure about this)
Should all previously used login code (with credentials) be removed? (I'd say yes because it's harder to maintain, but we could keep supporting both types of authentication for backwards compatibility)
There will be probably even more questions after starting to integrate it into Cocoda.
@nichtich