[wp-hackers] Should OpenID be in WP core?
lists.permutype at gmail.com
Fri Mar 9 07:35:16 GMT 2007
On 9-Mar-07, at 12:17 PM, Matt Mullenweg wrote:
> DD32 wrote:
>> Idealy with openID, you dont want to create an extra account for
>> them, but aparantly, your forced to due to the way WP handles users
>> (or something, i cant find the reference for that right now).
> My understanding of OpenID is that it's meant to be a replacement
> for a password, you still need an account on the site and you still
> need to "log in" like you normally would. I left a comment on an
> OpenID enabled blog the other day, here was the workflow:
> 1. I put in "matt.wordpress.com" instead of filling the three boxes
> for name/email/url, and I wrote my comment.
> ( I was logged in, else I would go through something else*. )
> 2. I press "comment" and it redirects me to matt.wordpress.com and
> asks me if I want to "trust" the blog, no, just this time, or always.
> 3. It then loaded a page with my name/email/url pre-filled, still
> on WordPress.com, and asked if I wanted to give this information to
> the aforementioned blog.
> 4. I said yes, and I went back to the comment page and everything
> was posted.
> * If I hadn't been logged in:
> 1. The page tells me I'm not logged in, but doesn't give me a link
> to login because of phishing. I'm asked to go to a bookmark or type
> in WordPress.com.
> 2. I type in the URL to login.
> 3. After I login and it redirects me to my admin page, a little
> notice says there's a openid thingy in progress, and has a link.
> 4. If I click the link it puts me back to #2 above.
> This is similar to what I did when I registered for ma.gnolia.com
> or Zooomr with OpenID. I still have accounts at both, just no
> password and "matt.wordpress.com" is my username .
> Matt Mullenweg
> http://photomatt.net | http://wordpress.org
> http://automattic.com | http://akismet.com
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers