Depending what you mean by "agent-based", please avoid using the code in box.server.agents. That code is earmarked for deletion; it was a rush job and does things in an ugly way. Its presence significantly hampers other development. We're only leaving it around to support the "echoey" agent which is the only way to tell you've successfully federated with acmewave. As soon as we've ported echoey to a robot we intend to delete the code.
You could build new code talking to the c/s protocol - with code review I'm optimistic we can do it right this time. A. On 29 October 2010 17:58, Vega <[email protected]> wrote: > It seems to me that agent based password reset mechanism is pretty > simple. I ll try to implement it and see if it gets more complex that > I thought. > > On Oct 29, 2:04 am, Alex North <[email protected]> wrote: > > On 29 October 2010 10:44, Vega <[email protected]> wrote: > > > > > Hmm, I don't see a way how "password reset mechanism" can be outside > > > of the > > > authenticated world. Admin should be authenticated into something (DB > > > at least). > > > > Sorry, I wasn't very clear. Yes, admins should be authenticated when > > administering the user database. > > > > Any self-password-reset mechanism would need to be unauthenticated (but > then > > rely on some other verification system, like sending an email to a known > > address). > > > > > If you want the most simple wavy password reset mechanism - do it with > > > agent. > > > -Invite agent into wave. > > > -Issue password reset command > > > -Agent has the access to users accounts, so it can check if the user > > > is authorized for such action, if so - it resets the password. Cannot > > > be simpler than that and easy to implement - and still wavy. > > > > I love your passion for implementing things the wavy way! Experience has > > taught me that it's more complex than you make it out, though. > > > > > > > > > > > > > On Oct 29, 1:26 am, Alex North <[email protected]> wrote: > > > > I happen to agree with Vega that hosting profile information in Wave > has > > > > many advantages. However I disagree just on one piece: the login > > > > information. I do think the username and password need to > > > > be manageable outside of Wave itself. They provide kind of a minimal > > > > bootstrapping environment you need. First you get a username and > > > password, > > > > then you can log into Wave. > > > > > > Clearly the password reset mechanism needs to be outside of the > > > > authenticated world. I think it's simplest to put basic password > > > management > > > > (changing your password when you already know it) outside of waves > too. > > > > Building data models in Wave is nice and flexible, but it's a lot of > > > > overhead for something as basic as login credentials. > > > > > > In many cases, authentication will be delegated to some other system, > > > LDAP > > > > for example. We're just trying to implement something basic for > groups > > > that > > > > don't have such a system. > > > > > > On 29 October 2010 05:03, Vega <[email protected]> wrote: > > > > > > > The advantage is obvious - you have everything in one place. > Another > > > > > advantage - the Wave environment - it means an option for > extension. > > > > > For example you can create a simple profile wave. Then you (or some > > > > > 3rd party) can add extension that would import user info from > facebook > > > > > etc... > > > > > > > On Oct 28, 1:03 pm, x00 <[email protected]> wrote: > > > > > > Even if you have a gadget, you still need an interface to do the > > > > > > management. I don't see much advantage of embedding this within a > > > > > > wavelet. > > > > > > > -- > > > > > You received this message because you are subscribed to the Google > > > Groups > > > > > "Wave Protocol" group. > > > > > To post to this group, send email to > [email protected]. > > > > > To unsubscribe from this group, send email to > > > > > [email protected]<wave-protocol%[email protected]> > <wave-protocol%2bunsubscr...@goog legroups.com> > > > <wave-protocol%2bunsubscr...@goog legroups.com> > > > > > . > > > > > For more options, visit this group at > > > > >http://groups.google.com/group/wave-protocol?hl=en. > > > > > -- > > > You received this message because you are subscribed to the Google > Groups > > > "Wave Protocol" group. > > > To post to this group, send email to [email protected]. > > > To unsubscribe from this group, send email to > > > [email protected]<wave-protocol%[email protected]> > <wave-protocol%2bunsubscr...@goog legroups.com> > > > . > > > For more options, visit this group at > > >http://groups.google.com/group/wave-protocol?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Wave Protocol" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<wave-protocol%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/wave-protocol?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en.
