It seems to me that agent based password reset mechanism is pretty simple. I ll try to implement it and see if it gets more complex that I thought.
On Oct 29, 2:04 am, Alex North <[email protected]> wrote: > On 29 October 2010 10:44, Vega <[email protected]> wrote: > > > Hmm, I don't see a way how "password reset mechanism" can be outside > > of the > > authenticated world. Admin should be authenticated into something (DB > > at least). > > Sorry, I wasn't very clear. Yes, admins should be authenticated when > administering the user database. > > Any self-password-reset mechanism would need to be unauthenticated (but then > rely on some other verification system, like sending an email to a known > address). > > > If you want the most simple wavy password reset mechanism - do it with > > agent. > > -Invite agent into wave. > > -Issue password reset command > > -Agent has the access to users accounts, so it can check if the user > > is authorized for such action, if so - it resets the password. Cannot > > be simpler than that and easy to implement - and still wavy. > > I love your passion for implementing things the wavy way! Experience has > taught me that it's more complex than you make it out, though. > > > > > > > On Oct 29, 1:26 am, Alex North <[email protected]> wrote: > > > I happen to agree with Vega that hosting profile information in Wave has > > > many advantages. However I disagree just on one piece: the login > > > information. I do think the username and password need to > > > be manageable outside of Wave itself. They provide kind of a minimal > > > bootstrapping environment you need. First you get a username and > > password, > > > then you can log into Wave. > > > > Clearly the password reset mechanism needs to be outside of the > > > authenticated world. I think it's simplest to put basic password > > management > > > (changing your password when you already know it) outside of waves too. > > > Building data models in Wave is nice and flexible, but it's a lot of > > > overhead for something as basic as login credentials. > > > > In many cases, authentication will be delegated to some other system, > > LDAP > > > for example. We're just trying to implement something basic for groups > > that > > > don't have such a system. > > > > On 29 October 2010 05:03, Vega <[email protected]> wrote: > > > > > The advantage is obvious - you have everything in one place. Another > > > > advantage - the Wave environment - it means an option for extension. > > > > For example you can create a simple profile wave. Then you (or some > > > > 3rd party) can add extension that would import user info from facebook > > > > etc... > > > > > On Oct 28, 1:03 pm, x00 <[email protected]> wrote: > > > > > Even if you have a gadget, you still need an interface to do the > > > > > management. I don't see much advantage of embedding this within a > > > > > wavelet. > > > > > -- > > > > You received this message because you are subscribed to the Google > > Groups > > > > "Wave Protocol" group. > > > > To post to this group, send email to [email protected]. > > > > To unsubscribe from this group, send email to > > > > [email protected]<wave-protocol%2bunsubscr...@goog > > > > legroups.com> > > <wave-protocol%2bunsubscr...@goog legroups.com> > > > > . > > > > For more options, visit this group at > > > >http://groups.google.com/group/wave-protocol?hl=en. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Wave Protocol" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]<wave-protocol%2bunsubscr...@goog > > legroups.com> > > . > > For more options, visit this group at > >http://groups.google.com/group/wave-protocol?hl=en. -- You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en.
