Hey folks,
I'm going to be building a product soon that calls for having a
super-lightweight log in system initiated by someone receiving an
email. They can then click a link and be logged in or continue to
participate by replying to the email.
As part of that, I've developed a log in + sign up system where you
enter your email then check your email account for a link to log in.
Some caveats
1. It currently takes a little too long to receive the email
2. I realize that if the purpose is just someone logging into the
site, using Twitter or Facebook is probably really the easiest (but
this flow serves a purpose in another project)
3. I'll probably make the tokens expire after 15 minutes
4. I'll probably keep the tokens empty except for when a confirmation
is actually sent, then clear it when it is clicked. But... maybe I
don't need to? Not sure yet.
So... just looking for what people think of it. Also, since this is
somewhat different from a traditional log in system I'm having trouble
figuring out what to call things :P. The process of filling in your
email and sending it is "confirmations" and the clicking of the link
is "a new session". The confirmation concept doesn't seem right.
You can try it here:
https://diddleberry.herokuapp.com
And check out the code here:
https://github.com/r38y/diddleberry
Cheers!
--
Randy Schmidt