Future Social Authentication Improvements

(David Taylor) #1

Discourse now has the ability to connect and disconnect different authentication providers to your account. This is good, but there is still more we can do. These are things I intended to do with my last round of improvements, but have not managed to complete before needing to move on to another project.

As @fantasticfears pointed out here, features like this are difficult to implement with the current data structure. We should try and consolidate this information into one table, and share as much logic between providers as possible.

An improved system would be a user_associated_accounts table. Columns are based on the omniauth ‘auth hash schema’ Auth Hash Schema · omniauth/omniauth Wiki · GitHub. Email and nickname have dedicated columns as well as the ‘info’ column, so that they can be easily accessed.

  • provider_name (not null) (omniauth ‘provider’ - required)
  • provider_uid (not null) (omniauth ‘uid’ - required’)
  • user_id (not null)
  • last_used (not null)
  • info (jsonb) (omniauth ‘info’)
  • credentials (jsonb) (omniauth ‘credentials’)
  • extra (jsonb) (omniauth ‘extra’)

The tricky bit here will be migrating data to the new structure, and updating plugins accordingly. It’s not a small amount of work, but I think it would be worth it.

Ability to connect with OAuth providers when user is registered?
Auth provider plugin information for plugin authors?
Statistics regarding registrations (native versus external)
(Sam Saffron) #2

I very much support this change. In this very specific case I also support an extra column in the table for “extra auth provider data” so we have some flexibility.