// sign up | |
account.signUp('joe@example.com', 'secret'); | |
// sign in | |
account.signIn('joe@example.com', 'secret'); | |
// sign in via oauth | |
account.signInWith('twitter'); | |
// sign out | |
account.signOut(); | |
// change password | |
account.changePassword('currentpassword', 'newpassword'); | |
// change username | |
account.changeUsername('currentpassword', 'newusername'); | |
// reset password | |
account.resetPassword('joe@example.com'); | |
// destroy account and all its data | |
account.destroy('currentpassword'); | |
// all methods could alternatively accept a parameter hash | |
// that would also allow for additional user info | |
account.signUp({ | |
username: 'joe2000', | |
password: 'secret', | |
birthday: '1984-05-09', | |
email: 'joe@example.com' | |
}); | |
// that would also allow for a general change method, | |
// that changeUsername or changePassword would simply | |
// be shortcuts for | |
account.change({ | |
birthday: '1984-05-09', | |
}); | |
account.change({ | |
username: 'joe3000', | |
password: 'secret' | |
}); |
This comment has been minimized.
This comment has been minimized.
thanks for the input, @matteocrippa! So you'd suggest something like this, right? // sign up
account.signUp('joe@example.com', 'secret', {
name: "Joe Doe",
age: 30
}); That's interesting, I definitely see use cases for that. So if we have user properties, we'd also need a method to update these specifically I guess? Maybe // load user settings
account.loadUserData() // loads all
account.loadUserData("name") // loads name setting
// update user settings
account.updateUserData({ name: "Jane Doe", age: 29 })
account.updateUserData( "name", "Jane Doe" }) |
This comment has been minimized.
This comment has been minimized.
Maybe if the "signIn" function handled signups too. Also, if you didn't have to worry about the performance costs of parsing a function name, I would love if things like 'changeUsername' called 'change' with 'username' as the first argument. I don't think it's better or worse, just offering another brainstorm. //all the lines that are grouped together would act the same
account.signIn('currentusername', 'currentpassword')
account.signIn({username: 'currentusername', secret: 'currentpassword'})
account.signInUsing('twitter')
account.signIn({using: 'twitter'})
account.signOut()
account.changePassword('newpassword', 'currentpassword')
account.changePassword('newpassword', {secret: 'currentpassword'})
account.change('password', 'newpassword', {secret: 'currentpassword'})
account.changeUsername('newusername', 'currentpassword')
account.change('username', 'newusername', 'currentpassword')
account.resetPassword('currentusername')
account.resetPassword({username: 'currentusername'})
account.destroy()
account.signIn('currentusername', {name: 'Joe Doe', age: 30, secret: 'currentpassword'})
account.get()
account.get('name')
account.getName()
account.change({name: 'Jane Doe', age: 29})
account.change('name', 'Jane Doe')
account.changeName('Jane Doe') |
This comment has been minimized.
This comment has been minimized.
This is pretty awesome. Might incorporate this in my next project! |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
// To verify if a user is sign in |
This comment has been minimized.
This comment has been minimized.
this is awesome, lots of great ideas! I also thought about passing an object with {username, password} instead of two separate parameters to I'm not sure if I'd merge that's a great idea, the parameter could be optional to check: // user is signed in
account.isSignedIn()
// user is signed in as joe@example.com
account.isSignedIn('joe@example.com') is there any way to enable notifications on gists commets / forks? |
This comment has been minimized.
This comment has been minimized.
I've never understood the reason to use 'username' instead of just 'email' and 'password'. |
This comment has been minimized.
This comment has been minimized.
Restrictions for usernames, e.g. only valid emails, is app specific. So in your case, The actual API should not be affected by that. |
This comment has been minimized.
This comment has been minimized.
This stuff still seems to be thinking about the backend too much. In a nobackend system that I'm playing with in my spare time, I just delegate all of that to Mozilla persona. As a developer I don't want to care about signup. The developer code gets given the persona validated email address of the person signing in, and the hash of it (in case they want to send it to other users for displaying gravatars). So the code I want to write is something like .login() / .logout() and .onLogin=.onLogout= . I really don't care about 'signup'. |
This comment has been minimized.
This comment has been minimized.
Actually Clojure on Coils already lets front end only developers write full backend code securely without having to code the backend: https://github.com/zubairq/coils : see here for an actaul source file to see the login functionality calling SQL statements: https://github.com/zubairq/coils/blob/master/src/webapp/client/views/loginpanel.cljs |
This comment has been minimized.
This comment has been minimized.
With all the security breaches around I'd rather not maintain another set of username/passwords. How would it work when I want to use Facebook/Twitter/OAuth/SAML for signup/login? |
This comment has been minimized.
This comment has been minimized.
var provider = 'twitter' // can be what ever the backend supports, like 'google', 'facebook', etc
account.signInWith(provider); It's already in the code above. |
This comment has been minimized.
This comment has been minimized.
what about:
Instead of change method? Breaks the order? I.e because account is a namespace for account functions? |
This comment has been minimized.
This comment has been minimized.
Great ideas! |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Hi! -- Jonathan |
This comment has been minimized.
This comment has been minimized.
How to add capcha support? |
This comment has been minimized.
This comment has been minimized.
WOW! This is amazing! |
This comment has been minimized.
This comment has been minimized.
And this all with full IntelliSense: instead of a JSON Object where yopu have to remember or lookup possible object variables:
|
This comment has been minimized.
This comment has been minimized.
something like u = User().email('a@b.c').password('').sudo() could give me a window.user and if pass is wrong, just send an email that allows to sign in once, or change password + autosignin in the other window. Omittting .password() would make the signin code attempt to use whatever browser or other APIs available and fallback to the email-as-login approach. If browser has multiple possibilities like Persona, Oauths, SQRL, then a stored cookie is used to record stats on how succesful the approaches have been, to avoid begging for Facebook Oauth from someone who never used it before, but show it immediately to one who exclusively prefers it. |
This comment has been minimized.
Trying to test a signUp process where username is a required field we should act like this:
account.signUp('joe@example.com','secret');
then
account.changeUsername('currentpass','newusername');
Can't we add a third optional var for signUp in which we pass directly the username or an array with extra info?
Finally with reference to https://gist.github.com/gr2m/5463675 it think we should change signInWith with something like signInUsing