Transition from GitHub to ORCID-Based Authentication? #16
Comments
tekrajchhetri
added
documentation
|
Thanks @tekrajchhetri. In DANDI, we are evaluating using other methods for registration. For example see dandi/dandi-archive#1967. What are the requirements for users who sign up to BrainKB? Do they need to be affiliated with an academic institution, government, etc.? |
|
@kabilar Thanks for the pointer. We have not discussed anything as such. However, the contributors to the BrainKB would be anyone who does research in the domain of neuroscience (or related). With this, I would say, the contributors would mostly be associated with some academic institutions, and may also be associated with governments as well as there might be an independent researcher. Since ORCID is mostly used by researchers and they would also need to provide non-personal email ID, I was thinking this would resolve the need for extra verification that one might need like the one discussed in DANDI archive's case. |
|
Thanks @tekrajchhetri. For reference, Satra has also suggested that we look into InCommon Federation for DANDI. |
|
@kabilar I have integrated ORCID auth and fixed the issue of being unable to login. Would be nice if you could also test to see if everything's working fine at https://beta.brainkb.org/. In parallel, we could have discussion about Satra's suggestion. |
|
@tekrajchhetri - i can log in. it takes me a set of template pages. |
|
@satra that's working, thanks for confirmation. The template is no longer relevant as we switched to model-driven approach. It will be removed and will have different view soon. Also, I will create a project board so that everyone is aware of the planned work and progress. |
|
Thanks @tekrajchhetri. I can also successfully create an account and log in. When I try to log out, my session appears to be persistent. Please see the steps below that will explain what I mean. Steps to reproduce:
Perhaps there is a token that is not expiring upon logout? |
|
@kabilar I tested it and is working fine. I was unable to replicate what you're saying. |
|
Interesting. Not sure what is going on. If I log out of orcid.org between steps |
|
But I would not expect this requirement of having to log out of orcid.org for a typical log in/log out. |
|
@kabilar Sorry, I misunderstood earlier. I tested it again and yes it's working like that. I tested with GitHub-based login as well and is the same. For GitHub, I didn't do any custom implementation but use the library. So I believe, this is an expected behavior. However, when you click on login and you have not log out of ORCID, the process becomes fast which you've noticed on the redirect URL. This is because you skip one step, i.e., specifying login credentials and gets validated by ORCID as you're already logged in. |
|
@kabilar I checked another platform, Hugging Face Spaces - Croissant Editor, and confirmed that it behaves similarly to our system. Specifically, it does not prompt users to log in again if they are already signed in. I think unless, we think it otherwise, I feel that it's not an issue and can be closed. |
|
Thanks @tekrajchhetri. That sounds good. |
|
Closing the issue. |
In line with the approach taken by DANDI, I have removed Google-based authentication. Currently, login is exclusively handled via GitHub. However, I’m considering whether we should shift to ORCID-based authentication instead.
Using ORCID could offer several advantages:
Should we consider making ORCID the standard for authentication?
@satra @kabilar @aaronkanzer @djarecka
The text was updated successfully, but these errors were encountered: