[keycloak-dev] social login and remember me
Bill Burke
bburke at redhat.com
Mon Feb 24 12:45:11 EST 2014
That looks good actually.
Can everything be within one <form> (username/password/rememberme/social
login buttons)? Or will that screw up formatting?
On 2/24/2014 12:02 PM, Gabriel Cardoso wrote:
> Services usually don’t have a “Remember Me” for social logins. Thus, I
> don’t recall a pattern for this.
>
> Here is a proposal for where it could be located. We can improve it as
> the product develops.
>
>
>
> What do you think?
>
> Gabriel
>
>
>
> On Feb 24, 2014, at 12:43 PM, Stian Thorgersen <stian at redhat.com
> <mailto:stian at redhat.com>> wrote:
>
>>
>>
>> ----- Original Message -----
>>> From: "Bill Burke" <bburke at redhat.com <mailto:bburke at redhat.com>>
>>> To: "Stian Thorgersen" <stian at redhat.com <mailto:stian at redhat.com>>,
>>> "Gabriel Cardoso" <gcardoso at redhat.com <mailto:gcardoso at redhat.com>>
>>> Cc: keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>>> Sent: Monday, 24 February, 2014 3:28:40 PM
>>> Subject: Re: [keycloak-dev] social login and remember me
>>>
>>>
>>>
>>> On 2/24/2014 9:22 AM, Stian Thorgersen wrote:
>>>> Added Gabriel to see if he has a good idea
>>>>
>>>> With the current L&F I can only think of two solutions (neither of
>>>> which I
>>>> particularly like):
>>>>
>>>> 1. Have it under username/password - probably means no-one is going to
>>>> associate it with a social login
>>>> 2. Have on under username/password and one under all social logins - I
>>>> think this will look weird, and not convinced people will associate it
>>>> with a particular login
>>>>
>>>
>>> Above is why I started this email in the first place :( There is no good
>>> option with the current L&F.
>>>
>>>> Is there a way we can not require this for social logins? Social
>>>> networks
>>>> would already provide this mechanism so if we can somehow integrate with
>>>> that, we wouldn't need it. One idea would be to set a cookie when a user
>>>> has used a social login, then test if they are still logged in with that
>>>> automatically.
>>>>
>>>
>>> Without "Remember me" the user would have to still be redirected to
>>> Keycloak login page and click "Google" or whatever.
>>
>> Not necessarily. I was thinking something along the lines of:
>>
>> * In social callback we set a cookie to remember user last logged in
>> with 'Google'
>> * On next login we check if this cookie is set, if it's set we
>> automatically redirect to login on 'Google' with 'prompt=none'
>> * If we get a code from Google, user is logged in and we can redirect
>> with code. If we get an error, then we display login form
>>
>> Probably to complex, and probably won't work with all providers (as
>> they may not provide prompt=none option). Just thinking out of the box ;)
>>
>>>
>>> --
>>> Bill Burke
>>> JBoss, a division of Red Hat
>>> http://bill.burkecentral.com <http://bill.burkecentral.com/>
>
> ---
> Gabriel Cardoso
> User Experience Designer @ Red Hat
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list