Integrate OpenId into an existing site

Posted by Andrea on Stack Overflow See other posts from Stack Overflow or by Andrea
Published on 2010-04-20T16:30:21Z Indexed on 2010/04/20 16:33 UTC
Read the original article Hit count: 249

Filed under:
|
|

I have a working web application which already has a login and registration system. I'm looking for some advice on how to do it.

Until now, users have a username, an email, a password and some optional fields. The registrartion is the usual process with email confirmation.

Now I'd like to allow users to use OpenId. So I have added an openid field to the table. There are two different login forms, and users which are already registered can add their openid info and use either login form.

The problem is with new users who come on the site for the first time and try to login with OpenId. I create a new user for them, and I don't need a password, but still I need at least a username, which is used on the site (I'm not sure if the email is needed).

So my problems are:

1) How do I manage validation? Some fields are required for some users, (e.g. a password) but not for some others. I mean, I can do this, but it immediately gets messy.

2) Should I ask for a username and email on the first OpenId login? On the one hand I'd say yes, but I fear this vanishes the advantages of using OpenId, that is, not having to provide details.

3) I could get the details via SReg or AttributeExchange, but most providers have a bad support for those. For instance my Gmail OpenId account does not tell the email (!). Is there some place to learn more about the current support for these extensions?

© Stack Overflow or respective owner

Related posts about openid

Related posts about web-development