Hi! When Frederik asked about using OAuth for the GeoChat plugin, I
remembered the same problem I had with the imagery offset database. And
since I was in a "programming" mode, this lead to an idea on how to skip
OAuth for client applications, while reliably identifying users. So the
whole Sunday I was coding, and now I am proud to present the
OpenStreetMap Authentication Proxy:
http://auth.osmz.ru/
https://github.com/Zverik/osm-auth-proxy
The idea is that the service, to which you log in via OAuth, generates
tokens, which it can then remember and exchange for some related user
info. Some tokens are permament, some work only once, so even if someone
manages to steal one, it would only work until the first logout.
Actually, do visit the page: most of it is filled with description text.
I will probably use this service for identifying users in GeoChat and
other services, and will be happy to see it being used by others.
IZ
_______________________________________________
talk mailing list
[email protected]
http://lists.openstreetmap.org/listinfo/talk
