Things to consider for future releases
Clean up Remote Authentication
With the addition of OpenID (and possibly LDAP) support in Geeklog 1.5.0, remote users will become more common and existing problems will become more apparent. For example:
- Duplicate email addresses
- Missing email addresses
- Ability to make remote users "local" users (and vice versa)
- Ability to entirely disable local logins
- Need to clean up and unify / merge the login forms (side block and users.php)
- Add a "service" column in the Admin's user list when remote auth is enabled to easily identify remote users and the service they're using
- Support for OpenID 2.0 (Geeklog 1.5.0 supports OpenID 1.1)
The configuration GUI, introduced in Geeklog 1.5.0, will probably require adjustments once it's in widespread use, e.g.
- Re-ordering / re-grouping of options
- Ability to allow config access for certain user groups (currently requires Root access for everything)
It's about time we replace the md5 password hashes with something more modern and robust.
- Maybe use phpass
- To solve: What do we do with existing accounts?
- If we make it into the Google Summer of Code in 2008, there will probably be a release focussing on integrating the results