[OSM-dev] Using native social SDK for signing in to OSM on mobile
Ilya Zverev
ilya at zverev.info
Mon Dec 28 18:34:55 UTC 2015
Hi Greg,
Signing in on mobile devices is hard. You click "sign in" and then have to remember your login and password. There is an alternative method: facebook and google buttons on a login form. You can try them yourself: after linking your account with a social account, signing in is just a matter of pressing one button.
Registering a new user is much harder on mobile, since you have to type everything twice, and then leave for another app to confirm a e-mail. Again, with a facebook/google button, you don't have to type anything: e-mail and display name are pre-filled, and password is optional. E-mail confirmation step is also omitted, since social networks have already validated your e-mail. So, registering with facebook or google is a straightforward process of 3-4 button clicks and no typing.
But that's on a desktop browser. You most likely have logged in to some social accounts on your phone. For example, most android phones are unusable without a google account. And millions of iPhone users use facebook. So it's safe to assume most mobile users have a permanent login to a social account.
I haven't used Vespucci in a while, but I can assume that when you try to sign in with it, it opens an inline browser with a login form. You can remember and type your login/password, or click on any social button. Alas, after that you would have to remember your google/facebook login and password, and type them in. Because even if you are already signed in to these in your system, browser panes do not share the account. So there is no simplification of a signing in process with social buttons in a mobile OSM editing app.
I want to use a system-wide social account on mobile devices. So that a user could sign in in a mobile OSM app with a single button click (provided he/she is logged in to facebook/google on a device). To do that, I need to change osm.org source code a bit, adding an endpoint, and to allow third-party apps to create "tokens", identification strings, that osm.org would be able to use.
The latter requires that the mobile app developer either knows two keys, which are currently stored only on osm.org server, or that any app that wants to allow social login to be registered by an OWG member who has access to facebook/google system account. When you click "facebook" button on osm.org login form, you are taken to an "OpenStreetMap" facebook app and are asked to allow it your name and e-mail. That is the social app/account I'm talking about. You cannot make a working social login in a mobile app without having some kind of access to that "OpenStreetMap" facebook app.
IZ
> 24 дек. 2015 г., в 17:58, Greg Troxel <gdt at ir.bbn.com> написал(а):
>
>
> Ilya Zverev <ilya at zverev.info> writes:
>
>> This can be made a part of a policy for allowing apps to use OSM
>> official social accounts.
>
> Can you explain what you mean by "OSM official social accounts"?
> Perhaps it is just me that doesn't get it, but I am not following what
> you really mean.
More information about the dev
mailing list