Entry Points to Login
- Bookmarks/Links * (#1 method for general users to end up at login screen)
- Login Button (#2 method for general users to end up at login screen)
- Insufficient Privileges redirect *
- Commenting on content (where login is required to do so) *
- Rating content (where login is required to do so) *
- Starting as anonymous then needing to log in for some reason *
- Password Reset
- Failed Password Attempt
- Federated Login integrations
- Site Lockdown (The blocked site setup) *
* = entry points driven by permissions issues/PAS challenges.
Additional Points to Consider
It is important to preserve state throughout the entire process, along every potential path.
Save the page requested and the anchor within the page; this implies a simple, easy-to-use state-saving mechanism.
Users should not lose mental state either; if possible, context should be preserved visually as well as technically.
Login Failure should not be a different case than simple Login.
Federated Login integration prevents remaining "in context" through the login process, as a trip out and a redirect back are usually required, but technical state should be preserved if possible.
Joining The Site
Break this into two pieces
- the minimum required information Plone wants for join
- the additional profile information integrators/clients may wish to require
- nagging/requiring completed profiles for membership role
- must preserve use-case for HR creating profile or "by invite" membership
Bulk user adding should be easy.
- Provide username, email address, password and confirmation.
- Get email with 'confirmation link'.
- Click link; "active" field is set. Message the user that they have been confirmed.
- Redirect to login form to log in.
- HR sets up profile, clicks 'invite user'
- User gets email with link
- Click link, set password and confirm (this is like/can be same as password reset form?), submitting form sets "active" bit on profile
- Redirect to login page to log in.
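An added example, not Plone's own code, of the confirmation-link step shared by both flows above (self-registration and HR invite): a signed, expiring token that is accepted only while the profile's "active" field is unset, so a link cannot be replayed. The secret, the 48-hour lifetime, the in-memory `PROFILES` store and all function names are assumptions for illustration.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-secret"  # assumption: per-site secret kept server-side
MAX_AGE = 48 * 3600                  # assumption: link lifetime, not from the page
PROFILES = {}                        # constructed stand-in for the member store


def _sign(purpose, username, issued):
    # Binding the purpose stops a 'join' link being replayed as an 'invite' link.
    msg = f"{purpose}|{username}|{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_link_token(username, email, purpose, now=None):
    """Create an inactive profile ('join' or 'invite') and return the token
    that goes into the e-mailed link."""
    if username in PROFILES:
        raise ValueError("username already taken")
    issued = int(now if now is not None else time.time())
    PROFILES[username] = {"email": email, "active": False, "purpose": purpose}
    return f"{username}:{issued}:{_sign(purpose, username, issued)}"


def verify(token, now=None):
    """Return the username if the token is authentic, unexpired and unused."""
    try:
        username, issued, sig = token.rsplit(":", 2)
        issued = int(issued)
    except ValueError:
        return None
    profile = PROFILES.get(username)
    if profile is None or profile["active"]:   # unknown user, or link already used
        return None
    expected = _sign(profile["purpose"], username, issued)
    if not hmac.compare_digest(sig.encode(), expected.encode()):  # constant time
        return None
    now = now if now is not None else time.time()
    if not 0 <= now - issued <= MAX_AGE:       # expired, or issued in the future
        return None
    return username


def activate(token, now=None):
    """Set the "active" field; the caller then redirects to the login form."""
    username = verify(token, now)
    if username is None:
        return False
    PROFILES[username]["active"] = True
    return True
```

For the invite flow, `verify` would run when the set-password form is shown and `activate` when it is submitted.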
OAuth / Federated Login