Implement osu! client verification flow

[ghost]

gulag is missing email verification functionality.

[tsunyoku]

i think this is an interesting one as it is a great idea and certainly something that should be implemented but theres so many different ways to go about it and a lot of different services that can do what we want

[Atakku]

just add an external smtp server support

[ghost]

@tsunyoku you don't want to implement credentials to an email service in source code... end-user will provide their smtp settings.

[tsunyoku]

i think in a large amount of cases, hosting an smtp server purely for email verification is tedious and overkill. surely we can utilise a service such as mailgun instead?

[ghost]

bruh that's none of gulag's business. This js

[ghost]

fuck

[tsunyoku]

what

[tsunyoku]

it is gulag's business, do you even know what mailgun is?

[ghost]

@tsunyoku this isn't a service this is server software that people host themselves; u don't put credentials to an email service in source code. the end-user can sign up for whatever email service they want and put their smtp credentials in.

[tsunyoku]

where did i say they put credentials to an email service?? i never said that anywhere, i just suggested we could use something such as mailgun but yes smtp works too

[ghost]

"a lot of different services that can do what we want"

[tsunyoku]

and since when did a service = putting credentials in source code?

[ghost]

ok so you mean like mailgun has its own api instead of smtp so the app has to be built to use it specifically

[tsunyoku]

i was making a suggestion yes (isn't that the whole point of this!!) but smtp also works. why do you have to be so bitchy about it lol?

[ghost]

ok, no, gulag should use smtp and smtp only, not be restricted to some proprietary api. i want to use it with my own smtp server

[ghost]

@tsunyoku i misunderstood

[tsunyoku]

ok, no, gulag should use smtp and smtp only, not be restricted to some proprietary api. i want to use it with my own smtp server

all im gonna say is that there's a lot of "i"'s there, we need to think about what is most convenient for a broad scale of users. i think both have ups/downs so it really depends but i think both are perfectly fine ways to do this

[ghost]

smtp is the standard, look at any web software that uses email, it uses smtp.

[tsunyoku]

not all but a large percentage yes, smtp is usually convenient for stuff like this but i have seen mailgun in use for this kind of thing (see ripple's hanayo for example)

[ghost]

cmyui could implememt both smtp and mailgun if he wants, but it would suck if there was only mailgun support and not smtp

[tsunyoku]

ig

[Atakku]

i think in a large amount of cases, hosting an smtp server purely for email verification is tedious and overkill. surely we can utilise a service such as mailgun instead?

i dont think it can be used just for email verification. Maybe in the future a login verification like in osu.ppy.sh can be implemented as well also its very easy to setup https://github.com/namshi/docker-smtp i personally use this with a google account

[tsunyoku]

it can be used for mail verification, 100%. bancho’s login system is superior i agree but achieving that level of verification isnt going to just happen straight away. also yes but a. docker and b. more work than setting up mailgun (especially for those who may not be familiar)

[ghost]

u can use any smtp service just as easy as mailgun

[Atakku]

it can be used for mail verification, 100%. bancho’s login system is superior i agree but achieving that level of verification isnt going to just happen straight away. also yes but a. docker and b. more work than setting up mailgun (especially for those who may not be familiar)

SMTP doesnt necessarily have to be in docker, thats just an example of an easy to setup server for docker users, if you dont want to use docker, you can just setup exim or any other mail transfer agent that supports SMTP yourself

SMTP is a widely used protocol, and Mailgun provides SMTP servers themselves

[tsunyoku]

what the fuck did i just read. okay, we definitely want to integrate with stable's client verification logic but how we decide to do that is probably up for debate; i'll genericise this issue a little bit