Differences

This shows you the differences between two versions of the page.

--- pecl:web:todo:svn_auth [2011/07/23 14:43] – move the svn_auth to a childpage tyrael
+++ pecl:web:todo:svn_auth [2021/04/06 08:04] (current) – rename master to main sergey
@@ Line 1: / Line 1: @@
-====== Svn auth (through master.php.net) ======
+====== Svn auth (through main.php.net) ======
-  * change the authentication to use the master.php.net instead of the local passwords
-  * the user/pass on account-request page will be mandatory. it is a must if we want to auth from there. the documentation and in most cases the sourcecode goes into svn anyway, so it's not a big change.
+===== login =====
-  * drop/empty the password field in the local database
+  * users can log in with their svn credentials.
-  * check if there are pecl users without svn account, because they won't be able to login without creating an svn account first.
+  * if the given username is in the db, but it is missing from main.php.net, we error out and tell him/her to contact pecl-dev@php.net for help.
+  * we create the user record in the db if neccessary on the first login. we pull the user info(name, email) from main.php.net.
+  * the 'PEAR_USER' and 'PEAR_PW' cookies are removed and those checks are replaced, we only use the session cookie for user authentication.
+  * the password field from the user table should be dropped.
+===== account request =====
+  * SVN account request isn't optional anymore.
+  * we first check the username/password against main.php.net, if thats succesful, we error out and tell the user to simply log in.
+  * if the given username exists on the main.php.net, but the password isn't right, we error out and tell the user that chose a different username or try to login or use the http://main.php.net/forgot.php to change his password.
+  * if it's a new user, we send the svn account request and we create a normal user record in the db, not a temp, as the login will only work if the svn account is approved.

Differences

Page Tools