
[Demexp-dev] New registration /login protocol


From: Augustin
Subject: [Demexp-dev] New registration /login protocol
Date: Wed, 11 Oct 2006 21:53:46 +0800
User-agent: KMail/1.8.2

Hello David and all,

I completely rewrote the official account registration part.
I have uploaded the updated module. I hope that what I have done is enough for 
stage 1.

Your main concerns were twofold:
1) not have several Drupal users with the same demexp account.
2) make sure that the Drupal account holder is the same as the person who 
asked for the demexp account. We don't know whether it is their real name, 
but we can at least make sure it is the same person.
3) You suggested adding a few fields in the Drupal registration form to ask 
for / enter the demexp account at the same time. This is a good idea, and it 
is possible, but I may implement this only in stage 2 (what I implemented 
below took me enough time as it is!).

There are different scenarios:

1- new Drupal user, new/existing demexp user.
***********

A person wants to register at the drupal site and get/set up a demexp account 
at the same time. A few more fields can be added later to allow the user to 
make a request for a demexp account at the same time.
-> this is not coded yet, as the rest is sufficient for now. 


2- existing Drupal user, existing demexp user.
***********

A Drupal user who already has a demexp account (this will be the most common 
case for the first 40-ish Drupal users, because the current members will be 
the first to register a Drupal account).
For them, they are asked to login (thereby proving they know the demexp 
username and corresponding password). If the login is successful, the account 
is put on hold, not yet activated. 

YOU are sent an email. In this email, you have the Drupal user's email, their 
demexp account name and an activation link with a key. 

If the email you have for the Drupal account and the email you have on file 
for the demexp account are the same, then you can use the validation 
key yourself to activate their voting rights on the site. They will see the 
difference next time they browse the site.
You may email them to tell them.

If the two emails are different, then you send the activation key with a nice 
letter, to the email you have on file for the demexp account holder.
The user can then activate the account themselves.

There is no confirmation screen when activating the account, but I should add 
one.

Apart from husband & wife, and parents & children, I don't know anybody who 
shares their email regularly, and especially not with untrusted persons.
If we can verify the email is the same, or if the Drupal user can use the 
confirmation key in the email you'll send them, then that's the best 
authentication we can do at this stage.



3- existing Drupal user, new demexp user.
***********

A Drupal user who does not have a demexp account yet (it will probably be the 
most common scenario when we become popular).
They can use the form online to ask for a demexp account.
When they submit the form, YOU will receive an email, with their email 
address, their real, full name (which I do NOT store on the site!), and a 
small comment with their PGP key if they have one.
You will also get a creation/activation key. You must be logged into your 
own Drupal account to use this key. 
By following the link, you will be asked to enter the demexp account name. 
Submit and the account name is saved, and the voting rights are activated.
You must send the user an email as usual with the password, etc.




A few more interesting points:

4- The email of the 'official demexp account manager' is configurable. This 
person also needs a special right to be able to activate the account online.
David is this person today, the only one to have this right on the site but 
can be someone else later.

5- The system is designed so that the 'official demexp account manager' does 
not know which Drupal user they are activating the account for. So, later, an 
'account manager' who does not have a direct access to the server, does not 
need to know the real identity of the Drupal users. Their job is only to manage 
demexp accounts.

6- This is important for what may be implemented much later.
Ketty read my mind earlier this week (or last week). My proposal for a more 
secure account verification protocol, the proposal I said I would tell you 
more about later, DID include setting up something that could become a third 
party account verification system.... but I still don't want to talk about 
details now (we still have much more urgent work to do).


7- Once set up, the demexp account name cannot be changed (at least, not now). 
I.E., it is set up and the account is activated when the identity is 
verified, but then it stays the same. Without this activation, the user 
cannot vote on the web.

8- The same demexp user name can only be used once in the drupal site.

9- When logging in, users are given the choice between convenience or security: 
remember the password or not. Try the different options, and you will notice 
several differences of behavior, even after you log out. I store the password 
on the DB only if they ask me to. This option can be reverted later, and the 
password will be deleted from the DB.

10- Technically, I no longer use the profile.module for this. Its behavior was 
a bit buggy, and not flexible enough for this. I have created my own 
demexp_users table in the DB and handle it directly. 


11- When browsing the site, reload the page so you download the updated 
version of style.css.



Please, do try to test all options. Try entering the wrong username, the wrong 
password, etc... If you do anything wrong, the system should handle it 
properly. 

Also, take good notice of all the English messages. If we want to translate 
later on, the English strings must be stable, and clear enough. If we change 
the English description in the code AFTER the translation has been done, the 
translation will be lost.
So, please suggest a better wording in English, where it is necessary. 




yours,

augustin.

-- 
http://www.wechange.org/
Because we and the world need to change.
 
http://www.reuniting.info/
Intimate Relationships, peace and harmony in the couple.

http://www.gnosis-usa.com/
Revolutionary Psychology, White Tantrism, Dream Yoga...

http://www.masquilier.org/
Condorcet, Approval alternative, better voting methods.
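Added example, not code from the module Augustin uploaded: a small Python model of the scenario 2 flow (demexp login proven, link put on hold, activation key mailed to the manager, manager activates directly or forwards the key) together with the rule from point 8 that a demexp name can be linked only once. Storing only a hash of the key and making it single-use are assumptions of this example that the mail does not state.

```python
import hashlib
import secrets


def manager_action(drupal_email, demexp_email_on_file):
    """Manager's decision from the mail: same address -> activate directly,
    different address -> forward the key to the demexp address on file."""
    return "activate" if drupal_email == demexp_email_on_file else "forward"


class DemexpLink:
    """Links between Drupal users and demexp accounts (constructed model)."""

    def __init__(self):
        self.pending = {}  # sha256(key) -> (drupal_uid, demexp_name), on hold
        self.active = {}   # drupal_uid -> demexp_name, voting rights granted
        self.outbox = []   # (recipient, body) pairs standing in for real mail

    def request_link(self, drupal_uid, drupal_email, demexp_name,
                     demexp_login_ok, manager_email):
        """Scenario 2: the user proved the demexp password; hold the link and
        notify the manager with the Drupal email, demexp name and a key."""
        if not demexp_login_ok:
            raise ValueError("demexp login failed")
        # Point 8: a demexp name may be used once, active or still on hold.
        taken = set(self.active.values()) | {n for _, n in self.pending.values()}
        if demexp_name in taken:
            raise ValueError("demexp account already linked")
        key = secrets.token_urlsafe(32)  # unguessable activation key (assumption)
        digest = hashlib.sha256(key.encode()).hexdigest()
        self.pending[digest] = (drupal_uid, demexp_name)  # only the hash is kept
        self.outbox.append((manager_email,
                            f"activate {demexp_name} for {drupal_email}: {key}"))
        return key

    def activate(self, key):
        """Follow the activation link: the key is consumed, so a second use
        (or a guessed key) is rejected. Returns True on success."""
        digest = hashlib.sha256(key.encode()).hexdigest()
        entry = self.pending.pop(digest, None)  # single use (assumption)
        if entry is None:
            return False
        uid, name = entry
        self.active[uid] = name
        return True
```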
