Enabling User Login #32
Comments
|
@shobhit10058 @vishweshvhavle @dijodaiju7 @j-tesla You are assigned to this issue. Please find 4 disjoint areas where you guys can work. Let's brainstorm in this thread. |
|
Please self-assign yourself so that I get to know you have started working. |
|
I can work on presently enabling the login on starting screen. I have seen that function its already there but is not used I guess |
|
Start with it @shobhit10058 |
|
The login and register options are there but presently for the register the user needs to enter his name and can enter anything followed by @iitkgp.ac.in i.e there is no way to see whether it is valid or not. |
|
@grapheo12 , @shobhit10058 currently, we can literally write anything before iitkgp.ac.in to create an account. I will make use of validate_email library to check whether the email actually exists. |
|
For now, I have enabled the register pages. A non-authenticated user can see the search options and login options. The register page has the options to go back to login and search utility. Once the user had clicked a option he can't go back to search utility so for that I had kept of option of home. An authenticated user can see all the options |
|
@j-tesla yes that will suffice some issues for now I think. The user can now not enter a wrong e-mail. need to tackle if the user can enter a correct one but not his. |
|
@grapheo12 should I make a PR for now? |
|
before login |
This ain't working. I'll look for any alternatives. |
|
I don't how can we do this but still I am listing it - |
|
Otp idea was also nice like we can use the mail of the admin to send mail and then require the user to enter the otp to login but again that will make the register time high. This could also help in generating the forgot password options. |
|
I have included some more minor changes like if someone tries to use request, upload or report , he/she is redirected to home page if the user is non-authenticated |
|
@j-tesla See the main aim of the project is to encourage people to upload papers. If you make the upload process too much complicated, people might not upload at all. So better not include anything fancy here. One thing that you can do for now is to make the validation "@*iitkgp.ac.in" and "@*iitkgp.ernet.in". |
|
We can make a change in script such a way that extension after @ must
satisfy the college domain.
…On Sat, 12 Dec 2020, 8:16 pm Shubham Mishra, ***@***.***> wrote:
@j-tesla <https://github.com/j-tesla> See the main aim of the project is
to encourage people to upload papers. If you make the upload process too
much complicated, people might not upload at all. So better not include
anything fancy here. One thing that you can do for now is to make the
validation "@*iitkgp.ac.in" and "@*iitkgp.ernet.in".
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#32 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AOL6NESOFP75OPFJ3FJHYW3SUN62VANCNFSM4UN36O2Q>
.
|
|
@dijodaiju7 I believe you are working with the login system itself. |
|
@dijodaiju7 Yeah! That is a nice idea! Can you make a new variable in |
|
I believe adding a script just to check the emails will overly complicate things. Better go for something Regex based. |
|
@dijodaiju7 @j-tesla Let me know what you guys think. |
Yes I'm working on it |
|
I did not make any majors changes yet, I only changed the validation such that it includes @*iitkgp.ac.in |
|
No, don't discard it. We'll merge it. Start with the sub-issue I mentioned. Raise a combined PR. |
|
@j-tesla You know what? Start working afresh. Since we decided to take a different course of action. Start with a new branch. But don't delete the old ones. |
User login feature is present in the current version, but it remains disabled. Since this project is of institute importance, we must be strict about not letting spam into our system. A good way to avoid spamming is to enable user attribution.
We need to record which user uploaded/requested a certain question paper and if someone reports a spam, we should be able to ban that user and all their content.
So far, we have been using captcha as the sole safeguard against spamming. This is a stronger safeguard, but it increases (unnecessary) interaction time. So development must be done such that the admin can enable/disable this feature online with the click of a button.
The text was updated successfully, but these errors were encountered: