[Sugar-devel] Regarding Social Help project

Prasoon Shukla prasoon92.iitr at gmail.com
Wed Mar 12 14:26:25 EDT 2014


Hi Frederick, Sam.

Well, the way I imagine this project is that a user can launch into a
Discourse discussion in a Browse activity. This activity can then be shared
as any other activity - this part will not require any other specific
changes to be made (if I understand your request correctly). We can,
however, add links to the discussions on Discourse on the sugar-network
website in the relevant places.

Anyway, I tried to think of a few ways in which we can preserve a user
session across discussions. Finally, I've decided on the following flow:

1. Get the user to register the first time - this process is very easy and
we can pick email directly from sugar. Then, the part before the '@' can be
the default username for Discourse (this the user can of course change).
The user will need to enter the password though.

2. Discourse will create a session for the user and send the browser the
session information(cookies). Now, and this is a crucial point, I'll need
to modify the browse activity to add a method that can will return session
information (the session cookie) to the calling process. I'll call this
method via DBus to retrieve the this information. We'll then store this in
a configuration file.

3. The user can then close the browser. When the user opens the browser
again:

   - we'll check if the session cookie exists.
   - if it does, then we do not need to write this cookie to the browser.
   - otherwise, we'll retrieve the session cookie from the config file and
   write it to the browser - this will need another method to be added to the
   browse activity.

This will log the user back in seamlessly without the need to fill in
authentication information.

Now, if we go through with this implementation strategy, then our only
concern at this stage will be whether the getCookie and setCookie can be
implemented in the browse activity. Of course, getting and setting cookies
can be done via JS in any webkit browser. So, I think it shouldn't be
difficult to do this.

Now the decision remains whether to proceed with this course or not (in
which case we'll probably need to talk to discourse devs about how to log
users in directly with a PBKDF2
hash<https://meta.discourse.org/t/why-does-discourse-use-pbkdf2/2934>.
Btw, they're using OmniAuth <https://github.com/intridea/omniauth> for
authentication and they also provide quite a few authentication hooks to
tweak authentication according to our needs, so it shouldn't be too hard
...).

@Sam, @Frederick: Please let me know of a decision on this.

Also, @Frederick, let me know if we need anything specific to sugar-network
other than what I mentioned earlier.

Thanks
Prasoon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/sugar-devel/attachments/20140312/f37f316c/attachment.html>


More information about the Sugar-devel mailing list