How to implement a no-login authentication system
- by mrwooster
I am looking to build a very loose authentication system that can track a user and link submitted data/comments to a specific user. The submissions are essentially anonymous, but a user may want to edit his submission/comment at a later date.
I want the experience to be as smooth as possible so do not want to ask users to sign up for an account and then login each time. There is no point as their submissions are not in their name and to another user browsing the site, there is no way of linking a submission to a specific user (think anonymous comments on a blog post or pastie). However, the user should have the ability to edit (at least in the short term) the content they have posted.
The way I imagine doing this would be to place a unique identifier in a cookie on the users machine. This would enable me to link a submission to a user, and while that cookie remained on the users machine, I would allow them to edit their content. Of course, if the cookie is lost, or the user accesses the site from a different browser, then they would not be able to edit their content, but this is not really an issue, they can always resubmit a new piece of content.
Is there a better way of doing this? How can I implement this so that the user can edit their data for the longest possible amount of time.