<div dir="ltr">Hi Frederick, Sam.<div><br></div><div>Well, the way I imagine this project is that a user can launch into a Discourse discussion in a Browse activity. This activity can then be shared as any other activity - this part will not require any other specific changes to be made (if I understand your request correctly). We can, however, add links to the discussions on Discourse on the sugar-network website in the relevant places.</div>
<div><br></div><div>Anyway, I tried to think of a few ways in which we can preserve a user session across discussions. Finally, I've decided on the following flow:</div><div><br></div><div>1. Get the user to register the first time - this process is very easy and we can pick email directly from sugar. Then, the part before the '@' can be the default username for Discourse (this the user can of course change). The user will need to enter the password though.</div>
<div><br></div><div>2. Discourse will create a session for the user and send the browser the session information(cookies). Now, and this is a crucial point, I'll need to modify the browse activity to add a method that can will return session information (the session cookie) to the calling process. I'll call this method via DBus to retrieve the this information. We'll then store this in a configuration file.</div>
<div><br></div><div>3. The user can then close the browser. When the user opens the browser again:</div><div><ul><li>we'll check if the session cookie exists.<br></li><li>if it does, then we do not need to write this cookie to the browser.</li>
<li>otherwise, we'll retrieve the session cookie from the config file and write it to the browser - this will need another method to be added to the browse activity.</li></ul><div>This will log the user back in seamlessly without the need to fill in authentication information.</div>
</div><div><br></div><div>Now, if we go through with this implementation strategy, then our only concern at this stage will be whether the getCookie and setCookie can be implemented in the browse activity. Of course, getting and setting cookies can be done via JS in any webkit browser. So, I think it shouldn't be difficult to do this.</div>
<div><br></div><div>Now the decision remains whether to proceed with this course or not (in which case we'll probably need to talk to discourse devs about how to log users in directly with a<a href="https://meta.discourse.org/t/why-does-discourse-use-pbkdf2/2934"> PBKDF2 hash</a>. Btw, they're using <a href="https://github.com/intridea/omniauth">OmniAuth</a> for authentication and they also provide quite a few authentication hooks to tweak authentication according to our needs, so it shouldn't be too hard ...).</div>
<div><br></div><div>@Sam, @Frederick: Please let me know of a decision on this.</div><div><br></div><div>Also, @Frederick, let me know if we need anything specific to sugar-network other than what I mentioned earlier.</div>
<div><br></div><div>Thanks</div><div>Prasoon</div></div>