Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Board Game Geek authentication #20

Open
JDGiardino opened this issue May 27, 2022 · 7 comments
Open

Board Game Geek authentication #20

JDGiardino opened this issue May 27, 2022 · 7 comments
Labels
Draft Indicates ticket is in a draft state

Comments

@JDGiardino
Copy link
Owner

I wonder if instead of passing in a username from a field, I could have users sign in with their board game geek account and get their user that way?
@nickdibari
Copy link
Collaborator

nickdibari commented Jun 3, 2022
edited
Loading

This sounds like a perfect use case for OAuth (Open Authorization) wherein a user authorizes your application to access their data from BoardGeek. If you've ever logged into a site through Google or Facebook, or allowed an application to access your data on another platform (think allowing DigitalOcean to access your Github account to deploy the BGG-Companion project) it's the same idea. A user in your application would be redirected to BoardGameGeek and BGG would ask them "Hey do you allow BGG-Companion to view your saved games/username/other information?" and if the user accepts your application can request data on behalf of that user from BoardGameGeek.

Unfortunately, based on some quick googling it looks like people have1 requested2 that BoardGameGeek support OAuth for this use case, but it doesn't seem to have gained any traction.

Footnotes

  1. https://boardgamegeek.com/thread/1521917/bgg-api-and-oauth2

  2. https://boardgamegeek.com/thread/2855128/provide-log-bgg-oauth-feature

@halo123u
Copy link
Collaborator

halo123u commented Jun 5, 2022

I was thinking we can maybe do authentication on our end let the user save their username so that when they load the application.it automatically pulls data. Right now, it seems we submit a user name and then pull data from that.

@nickdibari
Copy link
Collaborator

Oh i gotcha, maybe you can save the username as a cookie in the User-Agent somehow? so when a user comes back the next day they don't need to enter their name again, the backend will know "oh there's a cookie already for this username in the User-Agent I can default the username field to the cookie value"

@halo123u
Copy link
Collaborator

halo123u commented Jun 6, 2022

I think that seems reasonable as a first step to get something going. This might need to be another issue, but I was envisioning something along the lines of storing this in a db. This would then be foundation for maybe adding other friends names and save them to your "user". I think it would be cool to be able to pick a random game from any user you save to your profile.

@nickdibari
Copy link
Collaborator

I'll leave it up to @JDGiardino and you for the implementation details :) but yes database (or some other file-based) persistence would be the most ideal! Especially if you want to add in some social-based functionality to the site you all would most probably need to store that data in longer-term storage.

@JDGiardino
Copy link
Owner Author

Hmmm yeah this will be something to put some research into. I wonder than options exists within DigitalOcean for hosting a database like that.

@JDGiardino JDGiardino added the Draft Indicates ticket is in a draft state label Jun 8, 2022
@JDGiardino
Copy link
Owner Author

Here's some useful documentation around cookies https://flask.palletsprojects.com/en/2.1.x/quickstart/#cookies

@JDGiardino JDGiardino reopened this Oct 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Draft Indicates ticket is in a draft state
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@halo123u @nickdibari @JDGiardino