This module integrates with the Clef service, letting users log in with their Android or iOS smartphone. Clef is a smartphone app that lets you "forget your passwords" and log into sites as easily as taking a photo.
The Clef module adds a button to Drupal login forms. If you've already logged into Clef, pressing that button logs you into Drupal automatically. If not, you'll be asked to scan a QR code with the Clef app on your phone.
Drupal users are matched to their Clef identities by email address, so existing users can take advantage of Clef right away. Future versions of the Clef module will support user registration using the Clef app.
The current project page can be found in my sandbox:
http://drupal.org/sandbox/DaveRoss/1923862
The current repository is located at:
git clone --recursive --branch 7.x-1.x git.drupal.org:sandbox/DaveRoss/1923862.git clef
This is a Drupal 7.x project, with plans to port to 8.x as development proceeds.
Reviews of other projects
http://drupal.org/node/1922796#comment-7103118
http://drupal.org/node/1913916#comment-7103212
http://drupal.org/node/1852392#comment-7103386
Comments
Comment #1
beljaako CreditAttribution: beljaako commented- There are several drupal coding standards issues:
http://ventral.org/pareview/httpgitdrupalorgsandboxdaveross1923862git
- The version in the info file should be something like: 7.x-1.0. Not: 1.0.
- There is no validation on the admin form.
- There are some notices you need to fix, last two appear when json_decode fails.
Notice: Undefined index: code in clef_login_callback() (67 clef.module).
Notice: Undefined property: stdClass::$access_token in clef_login_callback() (79 clef.module).
Notice: Undefined property: stdClass::$success in clef_login_callback() (81 clef.module).
Comment #2
davidmac CreditAttribution: davidmac commentedGreat idea for a module.
On first review, I'd suggest examing the output of the automated test provided by the 'pareview' script, which is detailed below. You'll find the relevant guides to the coding standards here:
http://drupal.org/coding-standards
Comment #3
davidmac CreditAttribution: davidmac commentedsee above
Comment #4
DanaRoseRoss CreditAttribution: DanaRoseRoss commented@beljaako - great feedback. Added some defensive coding for those situations when invalid data comes across. Actually, doesn't the build script automatically add the "version" tag when the tarball is built? Took it out for now, but good catch.
@David Mc Donnell - Coding standards, ugh! Oh, well. Guess I'd better stick to Drupal's if I'm submitting Drupal code, right? Ran the code through PHP Code_Sniff with the Drupal standards & then through pareview. Comes out clean on both now.
Comment #5
DanaRoseRoss CreditAttribution: DanaRoseRoss commented@beljaako - also added some validation to the admin form
Comment #6
davidmac CreditAttribution: davidmac commentedOnce you've made changes, you need to set the status of your issue back to 'needs review' if you want it to be picked up again.
You might like to read this post on getting your review done ('pareview bonus'): http://drupal.org/node/1410826
Comment #7
DanaRoseRoss CreditAttribution: DanaRoseRoss commentedComment #7.0
DanaRoseRoss CreditAttribution: DanaRoseRoss commentedRemoved username from the git clone command
Comment #8
DanaRoseRoss CreditAttribution: DanaRoseRoss commentedHappy to help out.
Comment #9
nsuit CreditAttribution: nsuit commentedThis module worked great and is a great idea. I didn't see any coding issues, but you could maybe do a better job in linking the clef.io website and in particular the developer.clef.io subdomain with the application id and secret form. I think there is also an description missing with that form, of where to go on the clef.io site. I had to click around on your website until I finally found the Application registration under the Developer page. It is also a bit confusing that you called it application. I keep on thinking about the Facebook applications when I hear that.
Comment #10
DanaRoseRoss CreditAttribution: DanaRoseRoss commentedIt's not my site. I just like what they're doing. But, yeah, the developer site can be pretty confusing.
I had to do an undergrad thesis in college and did it on online identity, back when Kim Cameron was pushing the idea of an "identity metasystem". So I have a thing for neat new alternatives to usernames & passwords.
I'll see what I can do about making the process clearer from my end. I know Drupal admin screens tend not to be as text-heavy as the WordPress ones I usually build, but maybe I can include some brief instructions and a couple links.
Thanks for the feedback & glad you enjoyed it!
Comment #11
davidmac CreditAttribution: davidmac commentedJust a small point on the access argument in hook_menu('admin/config/services/clef'). Setting this to 'access administration pages' is understandable, but a lot of developers allow clients to use the admin menu for accessing their own content/dashboard etc. Given that this page falls firmly under a developer role, it's permissions could be tighter.
So, as a suggestion, a more granular option from the role_permission table would be perhaps 'administer site configuration'. Alternatively, you might consider including a hook_permission to address this module specifically.
From a personal point of view, I'd normally like to see hook_help used for some sort of guidance however brief. The README.txt is normally looked at by developers, but a less experienced user might benefit from something on the help page.
Comment #12
klausimanual review:
Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.
Comment #13
PA robot CreditAttribution: PA robot commentedClosing due to lack of activity. Feel free to reopen if you are still working on this application.
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #13.0
PA robot CreditAttribution: PA robot commentedAdded "Reviews of other projects"