Today I blew the dust off my old FotoBilder install and started to take a look at what it would take to add OpenID consumer support, mostly just by ripping off the guts of the OpenID consumer support in LiveJournal. My plan is essentially to have a configuration option for the “domain” that OpenID identities should have their user accounts magically created in and otherwise to do pretty-much exactly what LiveJournal does. A few extra issues, though:
- FotoBilder, like LiveJournal, doesn't support user accounts with no username. I imagine the user table on pics.livejournal.com has got pretty big now and so it'd be annoying to ALTER it. It would be the cleanest solution, though, as FotoBilder doesn't have the issues that LJ has: FotoBilder doesn't really do anything special with the username except to use it in the gallery URLs, and OpenID users wouldn't have galleries so that wouldn't matter.
- FotoBilder's accounts are very “light” by default, having only a user row and a useridlookup mapping. However, if I'm not mistaken there's no way to specify that a given account should not ever grow beyond this, which would be nice for identity accounts.
- With the userid row there it becomes possible to add an OpenID user to one of your security groups. However, since there's no “profile” page on FotoBilder, what should be the interface for adding such a user?
- Any support must also allow for offsite auth modules such as that used to let LiveJournal users transparently pass onto pics.livejournal.com. Ideally when a LiveJournal identity account travels onto pics.livejournal.com it should be created as an identity user in FotoBilder too, rather than replicating all that ext_n business.
Well, that was just a messy load of thoughts. Hopefully some of it will spur discussion. ;)