Embeddable "manage your account" page for third-party websites

Bug #1117643 reported by François Marier
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Libravatar (obsolete)
Won't Fix

Bug Description

Use case:

08:44 <ozten> I build a web app that uses libravatar
08:44 <ozten> it's currently very hard for me to send my users to a place to update
              their image
08:44 <ozten> if you think from the non technical user's prespective
08:44 <ozten> gravtar also does a bad job of this
08:45 <ozten> I want a landing page to send them to, maybe I can add their email
              address and my url as parameters
08:45 <ozten> to customize the landing page

Proposed solution:

Embeddable (i.e. iframe) page that asks people to login with Persona (confirming the email).

New users will be redirected to the "upload a photo" page automatically and that photo will be assigned to the email address.

Existing users will see their list of emails / OpenIDs and photos and will be able to change the assignment.

Tags: ux
Changed in libravatar:
status: Confirmed → In Progress
Revision history for this message
François Marier (fmarier) wrote :

Hi Austin,

I've got a first cut of the new "API" you asked for. By first cut, I mean it's rough and ugly, but the basic flow is there.

Here's a fake Social Networking service that takes advantage of the new code I just pushed:


It consists of a profile page which allows users to change their photo by going to Libravatar. It opens a special login page (Persona-only) in a popup window and then immediately directs new users to the photo upload and crop forms. Once that's done, users can see what their email address is associated to and hit the Close button to close that window.

There are a few things missing:

- styling of the pages
- the wording of the instructions on the new landing pages could probably be improved
- automatic assignment of the uploaded photo to the email address (bug 1041720)
- ability to reach the upload form from the "change photo" page (bug 1127724)

but is that otherwise what you were after?

Revision history for this message
Christian Weiske (cweiske) wrote :

Since libravatar is all about federation, the avatar server profile URL must not be hardcoded, but needs to be discoverable.

The domain of the URLs used here is the avatar server domain discovered via DNS.

I can think of two possible solutions:

1. hard-code the profile URL on the avatar server, e.g. avatar.example.org/profile/{email}

Benefit: Very easy to implement on the client side
Downside: if the avatar server is a CDN, you have probably no way to redirect the profile URLs to another host.

2. Provide a static "capabilities" file that contains a link template to the profile URL

That one would live on a static location on the avatar server, and would be in a format like RFC 6415 (web host meta data, http://tools.ietf.org/html/rfc6415).
The client would fetch that file, extract the avatar-profile-url URL, replace "{email}" with the user's email address and give the user a link to that URL.

Revision history for this message
François Marier (fmarier) wrote :

Christian's comments are spot on and deserve a bug all to themselves: bug 1130555

Revision history for this message
François Marier (fmarier) wrote :

Superseded by bug 1533019.

Changed in libravatar:
status: In Progress → Won't Fix
Changed in libravatar:
assignee: François Marier (fmarier) → nobody
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers