[Haskell-cafe] Unified Haskell login

Fri Sep 17 02:47:02 EDT 2010

Hi cafe,

Let me preface this by stating that this is purposely a half-baked
idea, a straw man if you will. I'd like to hear what the community
thinks about this.

I mentioned yesterday that I was planning on building haskellers.com.
The first technicality I considered was how login should work. There
are a few basic ideas:

* Username/password on the site. But who wants to deal with *another* password?
* OpenID. Fixes the extra password problem, but doesn't give us any
extra information about the user (email address, etc).
* Facebook/Twitter/Google: We get the users email address, but do we
*really* want to force users to have one of those accounts?

I then started thinking about the Yesod documentation site[1], and
realized in the not-too-distant future I'm going to want to provide a
feature tracker. Once again, I'll need to face the exact same problem.
And then I realized something: I already have *two* Haskell-centric
logins: one for Hackage, and one for the Haskell wiki.

Consolidating our logins as a community could be a huge plus. If we
keep the same kind of system as we have now with Hackage and the wiki,
we can verify each new user to keep things "clean". Or even better: we
could have a built-in permissions system: permissions for uploading to
Hackage, modifying the wiki, feature requests, etc. Users get
simplification of only needing to apply for an account once and only
need to remember one password. (In fact, if we wanted to, we could
bypass the password some of the time by allowing OpenID
authentication.)

But perhaps the biggest advantage would be the community building
advantage. Imagine if you go to Hackage and the upload by field is a
link to someone's Haskellers profile. Imagine going to Haskellers and
seeing a list of all the users uploaded packages and wiki
contributions. We could even start with some clever things like badges
per user. I'm sure there are lots of possibilities out there I haven't
considered.

Obviously there are some technical hurdles to overcome. We would
probably need to do some significant work on the wiki to get this to
happen. But given that we seem to have had trouble with mediawiki in
the past (I remember hearing about some migration issues), maybe it's
time to eat our own dog food and switch to a Haskell-based wiki[2]
that could be more easily modified to suit our needs. We would also
need some kind of protocol for the cross-site authentication; OAuth
2.0 might be worth considering for this.

All of this may just be the ramblings of a mad-man (I haven't had
breakfast yet), but I do think that *some* form of unified login could
really push Haskell forward.

Michael

[1] http://docs.yesodweb.com/
[2] http://hackage.haskell.org/package/gitit