Aamir Khan writes:
Hi everybody!
First task I am going to do for my GSoC project is to have login authentication mechanism for HyperKitty users. I have had discussion with few mailman developers about it. I am planning to wrap up social_auth into mm_ui_auth django application. Both postorius and HyperKitty can use this app for authenticating users.
Please explain in somewhat more detail. Not all of us know what "social_auth" is, and since Postorius and HyperKitty are independent apps, presumably there will need to be some design and coordination effort to get everybody on the same page.
In the spirit of "DRY" (don't repeat yourself), rather than make long posts here, I suggest that you start a blog or a Wiki page on the Mailman site where you can log (1) your design decisions and (2) any agreements on APIs etc you make with other Mailman developers (or third parties such as maintainers of libraries you use). Then you can simply have a shortcut key and say
"I've designed an authentication mechanism for HyperKitty users, which I expect to be extensible for use by Postorius and other Django apps for Mailman. See my blog: http://blogs.example.com/~aamir/gsoc/."
George is doing this quite well IMO. Kudos to George!
N.B. George is generally copying his blog post to this list. That's OK if you want to do it, but IMO not necessary. (But that's something we will evolve over time, and I defer to Terri's opinion on this kind of thing. This is all just a suggestion.)
Stephen,
"social_auth" is a django "app" (Think library) that handles OpenID, BrowserID, Google, Twitter, etc. authentication. It is with the DRY principal in mind that I think we should "wrap" it to make a common login manager app that will be used by both HK and postorius.
This is important because "Sally", as a website designer, will want to have Postorius, HK, and her own (for example project status or e-commerce) material delivered as a single website. The end-user, "Bob", will think of this as a single website and not as three websites cobbled together. He perceives that he logs into the site, not the mailing list or archives. He certainly wants to log in only once to be able to access all of the functions of any of the components. Since the login access and (at least some of) the user tools would likely appear in the header of (almost) every page on the website, each component needs to make these items available to the site designer for her inclusion in the sites "base_site.html" template and ALL of the submodules, including django.contrib.admin, need to extend a single (remember DRY) common template. This infers that, where possible, each of these should use the same css classes in a consistent way.
As for George posting to both his blog and this list, I think that the purpose in his doing so is to make additional members of the developer community aware of his activity. Since he is still in the design phase for the interfaces to both the web side and the MM core side, it is important for him to get early feedback. In keeping with the DRY principal, it might be more appropriate for him (and Aamir, etc.) to post simple paragraphs
"Work progressing on .... See my latest update on <a href="http://...">my Blog</a> for additional details.
to this list when they have made a significant posting.
Richard
On May 29, 2012, at 11:37 PM, Stephen J. Turnbull wrote:
Aamir Khan writes:
Hi everybody!
First task I am going to do for my GSoC project is to have login authentication mechanism for HyperKitty users. I have had discussion with few mailman developers about it. I am planning to wrap up social_auth into mm_ui_auth django application. Both postorius and HyperKitty can use this app for authenticating users.
Please explain in somewhat more detail. Not all of us know what "social_auth" is, and since Postorius and HyperKitty are independent apps, presumably there will need to be some design and coordination effort to get everybody on the same page.
In the spirit of "DRY" (don't repeat yourself), rather than make long posts here, I suggest that you start a blog or a Wiki page on the Mailman site where you can log (1) your design decisions and (2) any agreements on APIs etc you make with other Mailman developers (or third parties such as maintainers of libraries you use). Then you can simply have a shortcut key and say
"I've designed an authentication mechanism for HyperKitty users, which I expect to be extensible for use by Postorius and other Django apps for Mailman. See my blog: http://blogs.example.com/~aamir/gsoc/."
George is doing this quite well IMO. Kudos to George!
N.B. George is generally copying his blog post to this list. That's OK if you want to do it, but IMO not necessary. (But that's something we will evolve over time, and I defer to Terri's opinion on this kind of thing. This is all just a suggestion.)
Richard Wackerbarth writes:
Stephen,
"social_auth" is a django "app" (Think library) that handles OpenID, BrowserID, Google, Twitter, etc. authentication.
Yeah, I think all the mentors and most of the other subscribers here can figure that out. The questions are "which one?" (just an URL will do) and "why this one?" (ie, what are the design requirements and how does this app compare to the alternatives in meeting them?)
Requirements and design are important, and the GSoC developers (== students) should be doing this work and reporting on it IMO.
It is with the DRY principal in mind that I think we should "wrap" it to make a common login manager app that will be used by both HK and postorius.
Again, I think we all agree on that. My question is, that implies a set of requirements sufficient for both HyperKitty and Postorius. Why do we believe that such a set of requirements is known, and satisfied by the design? And how about Alex's NNTP access? If access to the archives is to be authenticated, then we would want the NNTP access to be authenticated, and consistent with HyperKitty. Can a Django authentication system do that? Can social_auth?
Aamir is explicitly working on HyperKitty. While it makes a whole lot of sense for him to generalize the authorization module to Postorius (and one would hope beyond), this does require communication with the people doing Postorius. If he's talked to them and believes there's agreement on requirements, all I want to see is "I've talked to Florian on IRC about Postorius requirements for authorization, and we agree that they have the same requirements (see my blog)." Of course he's welcome to post as much detail as he likes!
By the way, I think we should let the developers speak for themselves. I don't have any objection to developers getting a lot of help from mentors, but they should be able to present and to some extent defend their own work. If there's a language issue -- AFAIK none of our students are native English speakers -- they should feel free to say so, too, and we'll work that out.
On Thu, May 31, 2012 at 05:00:48PM +0900, Stephen J. Turnbull wrote:
Richard Wackerbarth writes:
Stephen,
"social_auth" is a django "app" (Think library) that handles OpenID, BrowserID, Google, Twitter, etc. authentication.
Yeah, I think all the mentors and most of the other subscribers here can figure that out. The questions are "which one?" (just an URL will do) and "why this one?" (ie, what are the design requirements and how does this app compare to the alternatives in meeting them?)
Requirements and design are important, and the GSoC developers (== students) should be doing this work and reporting on it IMO.
It is with the DRY principal in mind that I think we should "wrap" it to make a common login manager app that will be used by both HK and postorius.
Again, I think we all agree on that. My question is, that implies a set of requirements sufficient for both HyperKitty and Postorius. Why do we believe that such a set of requirements is known, and satisfied by the design? And how about Alex's NNTP access? If access to the archives is to be authenticated, then we would want the NNTP access to be authenticated, and consistent with HyperKitty. Can a Django authentication system do that? Can social_auth?
Aamir is explicitly working on HyperKitty. While it makes a whole lot of sense for him to generalize the authorization module to Postorius (and one would hope beyond), this does require communication with the people doing Postorius. If he's talked to them and believes there's agreement on requirements, all I want to see is "I've talked to Florian on IRC about Postorius requirements for authorization, and we agree that they have the same requirements (see my blog)." Of course he's welcome to post as much detail as he likes!
By the way, I think we should let the developers speak for themselves. I don't have any objection to developers getting a lot of help from mentors, but they should be able to present and to some extent defend their own work. If there's a language issue -- AFAIK none of our students are native English speakers -- they should feel free to say so, too, and we'll work that out.
I think that the mailing list is one of the public places where GSoC students should be soliciting feedback and discussion. So they should be posting half-baked ideas here to get them more fully developed with the help of other contributors. Florian wasn't available on IRC yesterday when Aamir and wacky discussed how to design the authentication so that both postorius and hyperkitty could use it so I asked Aamir to get in touch with him via email "and the list" because I wanted to know what Florian thought of this architecture and it seemed to me that others would as well. No sense having that conversation via private email and then reporting to the list (and getting more feedback from others then) if the discussion could happen on the mailing list in the first place.
That said, there probably is a little bit of a language (or perhaps open source cultural) issue going on as well. Aamir, it'd be great if you could post some more information about this app, how it works, and how it integrates with the stuff that postorius uses already. And it would also be great if you made sure to mention that you were looking for Florian's input specifically :-)
-Toshio
On 05/31/2012 10:00 AM, Stephen J. Turnbull wrote:
Yeah, I think all the mentors and most of the other subscribers here can figure that out. The questions are "which one?"
https://github.com/omab/django-social-auth
do) and "why this one?"
It's used in Postorius. There aren't that many around. This one's well documented, very comprehensive and works well with django.contrib.auth.
Aamir is explicitly working on HyperKitty. While it makes a whole lot of sense for him to generalize the authorization module to Postorius (and one would hope beyond), this does require communication with the people doing Postorius. If he's talked to them and believes there's agreement on requirements, all I want to see is "I've talked to Florian on IRC about Postorius requirements for authorization, and we agree that they have the same requirements (see my blog)." Of course he's welcome to post as much detail as he likes!
Aamir contacted me and Terri via email, Terri told him about django-social-auth. So he did start the required communication with us. He also talked to some other devs on #mailman about his approach.
Cheers, Florian
I am sorry for not drafting my email properly. "social_auth" is already being used by postorius so I thought that you guys might be aware of it. But, I was wrong..and I will keep this in mind for future mails to the list.
Regarding blog posts, I have absolutely no problem in writing blog posts about my progress but I don't think that writing blog posts at such an early stage is going to help in any way. Once, I will make a significant progress I will blog about it.
I think most of the questions raised are already covered. I will be more than happy to answer any further questions you might have.
-- Aamir Khan | 3rd Year | Computer Science & Engineering | IIT Roorkee
On 05/29/2012 10:37 PM, Stephen J. Turnbull wrote:
N.B. George is generally copying his blog post to this list. That's OK if you want to do it, but IMO not necessary. (But that's something we will evolve over time, and I defer to Terri's opinion on this kind of thing. This is all just a suggestion.)
Posting to the list as George is doing by copying his blog post is actually ideal. That means we've always got a copy of the information with the list, even if for any reason the blog goes offline later. (Posting details to the wiki serves the same purpose, of course.)
Our friendly python GSoC overlords want blog posts they can read and link to to show how the students from the various projects are doing, so that's why doing both is ideal, if anyone's wondering!
Terri
participants (6)
-
Aamir Khan -
Florian Fuchs -
Richard Wackerbarth -
Stephen J. Turnbull -
Terri Oda -
Toshio Kuratomi