michelts wrote:
> Who is the manager of LoginKit? I have some corretions to be filtered
> and, if you agree, be applyed:
I'm the author/manager of all the component-related stuff, including
LoginKit.
> First: I change the simpleLoginForm identation (the html source) to be
> easier to read the source. It will be usefull when someone want to
> extend the usercomponent... There is an attached patch...
Sure, seems fine. I don't actually use that login form anymore now that
I do everything in templates, so I haven't looked at it in a while.
> There is some more points to note, what does happen when the password
> is not validated/wrong? Should the simpleLoginForm have an error
> message?
simpleLoginForm is really intended to be embedded in pages, so it's not
a full login page itself. But I suppose it should display something.
Or we can just make simpleLoginForm submit to a login page and
centralize all that interaction.
> I done a test of the permittedRoles method, it is not working, I will
> try to fix it...
> I suggest to separate the method userExists from passwordCorrect,
>
> today the hierarchy is:
> - loginCorrect
> - passwordCorrect
> - userExists
>
> I propose to be:
> - loginCorrect
> - userExists
> - passwordCorrect
>
> Do you undestand or agree?
Mm... I don't know. It's common for systems not to be able to query the
existance of a user, so I don't know how prominent that method should
be. But maybe it should just have a three-way response, yes/no/I don't
know. (True, False, "maybe").
--
Ian Bicking / ianb@... / http://blog.ianbicking.org
|