[keycloak-dev] social login and remember me

Bill Burke bburke at redhat.com
Mon Feb 24 14:06:05 EST 2014


But...But.... :( ;)

On 2/24/2014 1:05 PM, Stian Thorgersen wrote:
> Not sure, try and see ;)
>
> Bill Burke <bburke at redhat.com> wrote:
>
> That looks good actually.
> Can everything be within one <form> (username/password/rememberme/social
> login buttons)?  Or will that screw up formatting?
>
> On 2/24/2014 12:02 PM, Gabriel Cardoso wrote:
>> Services usually don’t have a “Remember Me” for social logins. Thus, I
>> don’t recall a pattern for this.
>>
>> Here is a proposal for where it could be located. We can improve it as
>> the product develops.
>>
>>
>>
>> What do you think?
>>
>> Gabriel
>>
>>
>>
>> On Feb 24, 2014, at 12:43 PM, Stian Thorgersen <stian at redhat.com
>> <mailto:stian at redhat.com>> wrote:
>>
>>>
>>>
>>> ----- Original Message -----
>>>> From: "Bill Burke" <bburke at redhat.com <mailto:bburke at redhat.com>>
>>>> To: "Stian Thorgersen" <stian at redhat.com <mailto:stian at redhat.com>>,
>>>> "Gabriel Cardoso" <gcardoso at redhat.com <mailto:gcardoso at redhat.com>>
>>>> Cc: keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>>>> Sent: Monday, 24 February, 2014 3:28:40 PM
>>>> Subject: Re: [keycloak-dev] social login and remember me
>>>>
>>>>
>>>>
>>>> On 2/24/2014 9:22 AM, Stian Thorgersen wrote:
>>>>> Added Gabriel to see if he has a good idea
>>>>>
>>>>> With the current L&F I can only think of two solutions (neither of
>>>>> which I
>>>>> particularly like):
>>>>>
>>>>> 1. Have it under username/password - probably means no-one is going to
>>>>> associate it with a social login
>>>>> 2. Have on under username/password and one under all social logins - I
>>>>> think this will look weird, and not convinced people will associate it
>>>>> with a particular login
>>>>>
>>>>
>>>> Above is why I started this email in the first place :( There is no good
>>>> option with the current L&F.
>>>>
>>>>> Is there a way we can not require this for social logins? Social
>>>>> networks
>>>>> would already provide this mechanism so if we can somehow integrate with
>>>>> that, we wouldn't need it. One idea would be to set a cookie when a user
>>>>> has used a social login, then test if they are still logged in with that
>>>>> automatically.
>>>>>
>>>>
>>>> Without "Remember me" the user would have to still be redirected to
>>>> Keycloak login page and click "Google" or whatever.
>>>
>>> Not necessarily. I was thinking something along the lines of:
>>>
>>> * In social callback we set a cookie to remember user last logged in
>>> with 'Google'
>>> * On next login we check if this cookie is set, if it's set we
>>> automatically redirect to login on 'Google' with 'prompt=none'
>>> * If we get a code from Google, user is logged in and we can redirect
>>> with code. If we get an error, then we display login form
>>>
>>> Probably to complex, and probably won't work with all providers (as
>>> they may not provide prompt=none option). Just thinking out of the box ;)
>>>
>>>>
>>>> --
>>>> Bill Burke
>>>> JBoss, a division of Red Hat
>>>> http://bill.burkecentral.com <http://bill.burkecentral.com/>
>>
>> ---
>> Gabriel Cardoso
>> User Experience Designer @ Red Hat
>>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list