question/suggestion about openid and oauth accounts
@Evgeny @Fitoria , rest of the dev team, community (It is like I am preparing my speech for Oskar awards).
I have noticed, that when a user creates an account using his google or fb account (these two I have tested) he will be redirected back to askbot where he will need to put a screen name and a valid email (that is never validated actually).
I also know that other sites that use openid and oauth mechanism, ask from users to give permission to share also their email address so the site can send them notifications.
By this way a) the user does not need to type his email again and b) the site (askbot in our case) knows that has a valid email that can send notifications.
Do you believe that following the same approach in askbot will add any value?
Comments
Sounds great! Especially for the (b) part that there is no need to worry about spam when openId account is used. So maybe not much development is needed to validate accounts (as popularly requested in this post), only in case askbot credentials are used.
This is true, thank you for pointing this out
Good point about email extracted from other services being most likely valid.
And I just realized that you can actually deactivate askbot login from live settings and have only external services login! So you are ensured about valid emails and you only have the trade-off some users to affraid or not trust to log in with their accounts. But avoiding spam is a good pay-off, so I would take this option..
@zaf, thanks we will indeed revive the email validation feature.