[openstreetmap-website] Trust Google and Yahoo as OpenID providers to only return valid email (#134)

apmon notifications at github.com
Sat Oct 13 06:33:36 GMT 2012

Both Google and Yahoo guarantee that the email address they return during the OpenID
authentication are emails that they have already verified[1].

Therefore special case these OpenID providers and automatically activate the new users
account without requiring a separate email verification step.

This therefore reduces the signup procedure by one step and makes it easier for new users
of these OpenID providers (which cover the majority of users).

This might be particularly useful should the decision be made that the notes / openstreetbugs
feature require an account signup to post notes in future.

[1] http://stackoverflow.com/questions/5639419/are-email-addresses-returned-by-the-google-or-yahoo-openid-providers-verified-ad

You can merge this Pull Request by running:

  git pull https://github.com/apmon/openstreetmap-website openID-email

Or you can view, comment on it, or merge it online at:


-- Commit Summary --

  * Trust Google and Yahoo as OpenID providers to only return valid email addresses

-- File Changes --

M app/controllers/user_controller.rb (37)
M app/models/notifier.rb (16)
M app/views/notifier/signup_confirm.html.erb (6)
M app/views/notifier/signup_confirm.text.erb (6)
M config/locales/en.yml (6)

-- Patch Links --


Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20121012/7805a74e/attachment-0001.html>

More information about the rails-dev mailing list