Saturday, October 22, 2016

Thinking about user accounts

So far we just walk in and chat.  While this is ok it would be better if we all could have an account.  Why?  Because having an account opens the door to having features that only account holders have.  Do we have any such features as yet?  No, but then again, step one is to have accounts.  Everything else will follow.

Using 3rd Party Authentication

My current thought is to use a third party service that will authenticate users.  What does this mean?  Have you ever been to a site to buy something and they say create an account or login using your google account or login using your Facebook account?  When a site uses google or Facebook to authenticate they are effectively using third parties.

Let's look at some terminology here:
Authentication: The act of verifying you are who you say you are.
Authorization:  What are you allowed to do on this site.  Chat, be a mod, be a room owner etc.

Authentication handled by a third party is safer for us all.  I never get to see your passwords or your information,  For example if you authenticate against Facebook all I get is a yes or no from Facebook on whether your username and password you provided to Facebook are valid or not.  This way none of your passwords are ever stored on Deviantlives servers.  No one can hack in and peek and steal what is your private information.  Once a third party service returns a successful authentication by you, I can then say aha!!!  These are the chat names registered to you, these are the rooms you can chat in, you are a mod in the following rooms, and you own the following rooms.  See where I am going with this? :-)

This is also good for the site.  If any user indulges in illegal activities, its now easier (not easy) to track them.  I really hope this situation never arises.

More on this later.......

No comments:

Post a Comment