Differences

This shows you the differences between two versions of the page.

--- pecl:web:todo:svn_auth [2011/07/23 14:40] – created tyrael
+++ pecl:web:todo:svn_auth [2021/04/06 08:04] (current) – rename master to main sergey
@@ Line 1: / Line 1: @@
-describe how to proceed with the new authentication method
+====== Svn auth (through main.php.net) ======
+===== login =====
+  * users can log in with their svn credentials.
+  * if the given username is in the db, but it is missing from main.php.net, we error out and tell him/her to contact pecl-dev@php.net for help.
+  * we create the user record in the db if neccessary on the first login. we pull the user info(name, email) from main.php.net.
+  * the 'PEAR_USER' and 'PEAR_PW' cookies are removed and those checks are replaced, we only use the session cookie for user authentication.
+  * the password field from the user table should be dropped.
+===== account request =====
+  * SVN account request isn't optional anymore.
+  * we first check the username/password against main.php.net, if thats succesful, we error out and tell the user to simply log in.
+  * if the given username exists on the main.php.net, but the password isn't right, we error out and tell the user that chose a different username or try to login or use the http://main.php.net/forgot.php to change his password.
+  * if it's a new user, we send the svn account request and we create a normal user record in the db, not a temp, as the login will only work if the svn account is approved.