php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50550 global login usage
Submitted: 2009-12-21 22:55 UTC Modified: 2012-04-13 13:31 UTC
From: philip@php.net Assigned: yannick (profile)
Status: Closed Package: Online Doc Editor problem
PHP Version: Irrelevant OS: N/A
Private report: No CVE-ID: None
 [2009-12-21 22:55 UTC] philip@php.net
Description:
------------
The login should not require a password, or at least, should use the 
global php.net authentication system (and associated magical cookie). In 
other words, use the same credentials as the other *.php.net sites, like 
bugs and wiki.

The main question is how to make this interact with individual SVN 
credentials, but it seems possible. If not, then maybe require the 
password only for those doing SVN commits, although, hopefully this 
won't be needed.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-12-29 00:35 UTC] yannick@php.net
I just commit a first attempts to solve this issue.

http://svn.php.net/viewvc?view=revision&revision=292728

With this modification :

* When the apps is installed into doc.php.net server, the authentication method use master.php.net, otherwise, the "old" way is steel used. The main problem for me is to continue to code this apps on local... if I use "exclusively" master.php.net to authenticate, I can't login to the apps with my local server (as I need a TOKEN value witch I haven't, of course, into my local server).

* When the user try to login, I now check his karma according to the language he have chosen and trow an error if he haven't the good one.

Please, tell me if this first step is Ok for you.
The next is the use of the magical cookie to avoid the necessity to login.
 [2011-07-11 11:37 UTC] philip@php.net
Thankfully the magical cookie no longer exists at php.net. However, eventually 
php.net will use OAuth2 so we'll be able to hook into that.

The current system is okay and has been working (sorry, I forgot about this bug 
report), but let's keep this as a reminder to implement the new system once it 
exists.
 [2012-04-13 13:30 UTC] yannick@php.net
When OAuth2 will be implemented, I will use it.

I think we can close this bug for now.
 [2012-04-13 13:31 UTC] yannick@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Jul 18 18:01:30 2024 UTC