Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Guide on unified sign in and registration logic #12

Open
danschultzer opened this issue Sep 28, 2019 · 0 comments
Open

Guide on unified sign in and registration logic #12

danschultzer opened this issue Sep 28, 2019 · 0 comments
Labels
documentation Improvements or additions to documentation

Comments

@danschultzer
Copy link
Collaborator

An elixirforum post prompted this idea.

Apple and Google has an auth flow where the user first enters their user id and then depending on whether the user exists, prompts for their password or registration details.

Stripe however has a different approach that might be more secure (thinking about info leakage). The registration and sign in works exactly the same. A new user will be created if the user id hasn't been taken, otherwise it'll authenticate. There can still be both a "Sign in" and "Registration" page, but the same logic will be used for both. This method does make the confirm_password field obsolete, and would require that only user id and password is required for initial account creation.

The guide can maybe also be combined with anonymous sign up (temporary accounts that will ask the user to input credentials to store the account permanently).
@danschultzer danschultzer added the documentation Improvements or additions to documentation label Sep 28, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@danschultzer