Difference between revisions of "Future Plans"

From GeeklogWiki
Jump to: navigation, search
(phpass?)
("Service" column in user list)
Line 12: Line 12:
 
* Ability to entirely disable local logins
 
* Ability to entirely disable local logins
 
* Need to clean up and unify / merge the login forms (side block and users.php)
 
* Need to clean up and unify / merge the login forms (side block and users.php)
 +
* Add a "service" column in the Admin's user list when remote auth is enabled to easily identify remote users and the service they're using
 
* Support for OpenID 2.0 (Geeklog 1.5.0 supports OpenID 1.1)
 
* Support for OpenID 2.0 (Geeklog 1.5.0 supports OpenID 1.1)
  
Line 19: Line 20:
  
 
* Re-ordering / re-grouping of options
 
* Re-ordering / re-grouping of options
* Ability to allow config access for certain user groups (currently requires Root access)
+
* Ability to allow config access for certain user groups (currently requires Root access for everything)
  
 
=== Security ===
 
=== Security ===

Revision as of 11:07, 14 March 2008

Things to consider for future releases

Geeklog 1.5.1

Clean up Remote Authentication

With the addition of OpenID (and possibly LDAP) support in Geeklog 1.5.0, remote users will become more common and existing problems will become more apparent. For example:

  • Duplicate email addresses
  • Missing email addresses
  • Ability to make remote users "local" users (and vice versa)
  • Ability to entirely disable local logins
  • Need to clean up and unify / merge the login forms (side block and users.php)
  • Add a "service" column in the Admin's user list when remote auth is enabled to easily identify remote users and the service they're using
  • Support for OpenID 2.0 (Geeklog 1.5.0 supports OpenID 1.1)

Configuration

The configuration GUI, introduced in Geeklog 1.5.0, will probably require adjustments once it's in widespread use, e.g.

  • Re-ordering / re-grouping of options
  • Ability to allow config access for certain user groups (currently requires Root access for everything)

Security

It's about time we replace the md5 password hashes with something more modern and robust.

  • Maybe use phpass
  • To solve: What do we do with existing accounts?


Beyond 1.5.1

  • If we make it into the Google Summer of Code in 2008, there will probably be a release focussing on integrating the results