User authentication

[tadaskay]

I suggest token based auth, so that it doesn't require any unnecessary interaction from the user. Shortly speaking, phone sends a device id and gets a token. Optionally, token could be bound to e-mail, phone number so that user can change device, but maintain his identity within tvarkau-vilniu. Any thoughts?

[GediminasZukas]

I am more into your optional proposal. We could implement two-factor sms authentication (enter phone number/get pin code/enter pin code and login) for example. In this case, municipality "problem solving unit" could fastly contact user to ascertain any information related to problem.

[tadaskay]

I guess there are 2 separate concerns here:

1. What authentication type do we want
2. Do we force users to authenticate before allowing to use the service at all, or make it optional (user would benefit from it, but might as well use the service right away)

[ViliusKraujutis]

Some discussion went on chat on slack.

I see two perspectives here:

• user,
• technical. And both are compatible!

From user perspective let's offer both anonymous and social logins (eg. for MVP just Google+ as Renat draw it in prototype).

But speaking from technical side (and it's compatible with user perspective), @tadaskay is right - best way is to use token based authentication.

Create token for each new app installation launched for the 1st time. And that would be used as an anonymous user.

Then linking other authentication methods would allow us to build user profiles and report problems with increased trust level. Possible identity providers could include:

• social networks
  • Google+ (the one we'll use in our MVP)
  • Facebook
  • Twitter, etc
• phone number
• Vilnius.lt account
• bank link.

Technical

Here is some random ideas for devs.

• So as @tadaskay suggested, let's use token based system.
• Create an app token each time new app installation is launched for the 1st time.
• Post device information to link app token with device information (actually that could be done with 1st call while getting app token), so we can protect from anonymous spammers as well as show anonymous users their own reports and keep them notifying about updates.
• Authenticating with social networks for the 1st time creates new user account in our system.
• Users can link multiple identity providers (social networks, email)
• If social identity provider has name, email, phone, we prefill our user object with this information automatically.
• Problems would have two fields device token and user_id. Latter is optional as logged in users still might want to report problems anonymously (as also designed in our prototype).

[eimantas]

I agree on token based authentication, however I suggest leaving the social profile login completely optional. There are people who care about Vilnius, but don't have gmail or Facebook profiles and don't hang out in any social networks whatsoever (because of the same privacy concerns).

The initial token generation on launch is a great idea that provides both the anonymity for the reporter and convenience of tracking reported issues. I don't think MVP needs any user profile at all as long as we can verify that report was sent from an app.

[tadaskay]

@eimantas shouldn't user already have a google account (on his device) to actually use the Play store to get the app itself?

I agree on the facebook that people might not want to use it for privacy concerns/don't have it, but in case of google account, we simply use what's already existing (it would not be a social login, but rather an account picker).

@ViliusKraujutis good points there. Multiple identity providers work, just one concern here - if we pick e-mail as a primary identity of the user, it's much easier later to merge multiple accounts into one (say, if a person uses both - web and mobile).

[eimantas]

@tadaskay - that's not the case for iOS devices.

There's also a possibility by using any OpenID as identity provider. Having this vilnius.lt could become one later on too.

[tadaskay]

@eimantas Ideally, primary iCloud account email could match (I don't know if it's technically feasible to acquire it via asking permissions on iOS). But a valid point indeed.

I guess we could make it optional after all, however having user identified would reduce the number of issues that need to go to manual queue for review (as people tend to act more responsibly when they are not anonymous).

From UI perspective - how about a one-time balloon to encourage user to identify (it can be discarded and user would never be bothered again)?

[eimantas]

@tadaskay - no way to find out iCloud's email address on iOS devices.

We could encourage users to authenticate by telling them that reports sent through authenticated account will receive higher priority. Don't know why, but it this "feature" has Orvelian vibe to it .)

The UI balloon could be one of the options. In any case - the authentication should be optional and easily accessible. There could be a separate tab at the bottom of the screen for iOS app (probably Android too). This place is closest to the thumb (sorry left-handed people). So it would be quite prominent place and user would see it quite often. This should raise the authentication rate.

[eimantas]

So all in all the best approach IMHO to make users authenticate is to list the benefits of anonymous vs identified reports. Some of these could be:

• Higher priority in queue of reports;
• Achievements (gamification);
• Track the progress of the issue;

I know that it's possible to give out achievements and send issue updates even for/about the anonymously reported issues, however if the authentication is the goal, I think we should retain these only to identified users.

[RenatBuga]

Let me sum up what was offered above:

• use tokens even for anonymous users
• let people authenticate via Google and later on other methods (social networks, email, sms etc)
• use a way to encourage people to authenticate on 1st launch (benefits for user can be decided later. The most necessary - let municipality employees contact you for extra information about your report)

I do agree with all these. If you do too, please thumb up and let use this as point of departure to the next development stage.

[ViliusKraujutis]

:+1:

[tadaskay]

:+1:

[eimantas]

:+1:

P.S. IMHO The final decision should be left to someone in the municipality.

[povilasp]

:+1:

[ViliusKraujutis]

Looks like it's agreed with @RenatBuga's latest https://github.com/vilnius/tvarkau-vilniu/issues/4#issuecomment-156385564. Closing this issue.