[Sugar-devel] Help required with webservices

[Martin Abente]

IMHO, I don't think you _have_ to use webservices, but, if you require to
integrate back-end (external web platforms) facilities into the Sugar
shell, ie., uploading entries from the journal to your platform, it will be
convenient to use webservices approach, and in that case it would be easier
(for you and the end-user) to place auth bits together.


On Sun, Jun 8, 2014 at 3:48 PM, Prasoon Shukla <prasoon92.iitr at gmail.com>
wrote:

> Hi all
>
> This problem has been troubling me for a bit and I'd appreciate any help
> on this.
>
> So, first, I'll describe in short what I want to achieve and then we'll
> move on to the problem.
>
> I'm making an activity which is just a lightweight version of the browser
> activity. This activity is called social-help and the user can launch it
> using a shortcut. The activity opens to a Discourse <http://discourse.org>
> based forum.
>
> The user has the choice to login using either facebook, google, github,
> twitter or a yahoo account. Also, the user can make a standalone Discourse
> account, too, the usual way.
>
> Now, the question. I've been told a few times to use the existing
> webservices mechanism to store a user's session so that the user won't need
> to login every time he opens the activity. However, there is no *need* for
> it, IMO. The activity, as I've mentioned already, is a web browser, of all
> things, and can happily store cookies so that users will be logged in every
> time they open the activity.
>
> So, what's the use of using the webservice mechanism in such a case?
>
> Also, if we must use a webservice for logins, there is then the question
> of *which* auth system to use - there are five different OAuth systems
> and a native one, too. Also, discourse doesn't provide access tokens like
> facebook (say) and so, we'll need to do sometime like the PutLocker
> webservice - we'll need to store a plaintext password
> <https://github.com/ignaciouy/sugar-putlocker/blob/master/extensions/webservice/sugarupload/account.py#L43>.
> I am against this idea, however.
>
> So, the gist of it is this: Why use a webservice when the browser cookies
> work just fine? If we do use a webservice, then what exactly will be the
> mechanism underlying the whole thing (multiple OAuths and the like - how
> will we manage this)?
>
> Thanks. Looking forward to an answer.
> ᐧ
>
> _______________________________________________
> Sugar-devel mailing list
> Sugar-devel at lists.sugarlabs.org
> http://lists.sugarlabs.org/listinfo/sugar-devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/sugar-devel/attachments/20140608/32c5fcd9/attachment-0001.html>