-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automatic registration #173
Comments
Tim approved an automatic registration via a service like Shibboleth. Daniel pointed out that Shibboleth may be restricted to German academia only. Investigate this. |
It isn't, but it can be implemented by everybody like orcid or (Google) oauth. I would rather prefer oauth because it is more common. If the commercial users only use their own space (remote volumes) I don't see a point in not giving them access to Biigle. Furthermore we could have a usage policy, or implement a 2 step approach where we have to allow access first. |
Shibboleth appears to be a generic authentication service, not restricted to academia. I think in that case I prefer the two-step approach where we just activate the regular registration mechanism of BIIGLE and add a step where new users have to be approved by an admin. |
I'd like to move forward with this issue now. I'll implement this sign up flow:
This has the advantage of existing users being able to invite new users right away without a required action by the admins. |
I'd like to enable an automatic registration method, so we (the admins) don't have to manually create every new user. There are two ideas:
Enable the registration form (with decent spam protection). Whenever a new user is registered, they are created in a separate
pending_users
table and the admins are notified. Each pending user needs admin approval to become a full user but all this happens automatically once approval has been granted. The approved user gets an email notification with a link to choose their password.This idea came up in a discussion with the Geomar people. As a general rule we want to give anyone with a research/education background free access to BIIGLE. Shibboleth may be an authentication service that could do this. We could even think about using a unique identifier provided by Shibboleth as a seed for the BIIGLE user UUID.
The text was updated successfully, but these errors were encountered: