BOB / Multiuser capture username

[Stobot]

Greetings all,

Has anyone using BOB setup a way to have each user "login" right away so their username is stored somewhere? For my purposes this is what I'm doing today:

• I just made the startup tiddler a simple drop-down ($select) with known users. It stores it in $:/temp/username
  
• I have a data tiddler with a pseudo password for each user (I'm their boss so I know their birthday and use it as their password) just to people don't accidentally pick each other's profile
• If the user enters the right password in the edit-text box (matches the data tiddler value), then they get (via reveal) a "login" box that takes them to the "real" landing tiddler.
  
• Throughout the rest of the wiki, I'm filtering content based around their $:/temp/username value
  

It's fine, though not secure in any way (not that big a deal) and easily bypassed (more problematic). I see some "shadow" tiddlers around username and password that I worry I should be using instead, but probably it's for another unrelated purpose.

I should note this is for a trello-like microsoft planner -like utility I'm building, this is one of the last things to figure out. (BTW - thanks again to Jed for putting together such an awesome tool with the .exe especially!)

[Jed Carty]

How easy this is to improve depends on which part of bypassing it is the problem.

If it is just a problem that a person can do something like click on the sidebar and open up another tiddler before setting who they are than you could use startup actions to disable things like the sidebar and the tiddler editing buttons and have the login button reenable them if the login was successful.

If you need something between that and the full secure server back-end (https://github.com/OokTech/SecureWikiServer) that I use with the ooktech.xyz wikis (you can see https://ooktech.xyz:8443/Public) than it would probably take a bit more work.

[Stobot]

Thanks Jed,

The 'former' would probably be fine. Is there a way I can control those things (disable sidebar / remove buttons like edit) for a single user? My understanding is that every tiddler changed (including those that control these things) propagate out there for all users. The only things that don't are the $:/temp/ tiddlers. If that's not true, that could be a good option.

[Jed Carty]

You can set a filter or list of tiddlers that don't get synced. To do this add to the filter in $:/plugins/OokTech/Bob/ExcludeSync

You shouldn't remove anything from that filter or it will probably break things, but you can add to it. Anything returned by the filter is ignored when syncing to the server.