[guideline] keep the project as simple as possible, no new features !?
panique opened this issue · 6 comments
Hey,
I've just been stumbling upon this nice conference talk: "Extremely defensive PHP" (slides here), and this nails a nice concept right to the head:
Reduce features to the bare minimum.
I totally agree with this and the current README here in this repo also notes the KISS and the YAGNI concept which basically say similar things.
So, I think it might be a good idea to go exactly this way with this project, meaning...
1. Don't implement features that are not absolutly needed:
For example, the registration process, the login / logout process, the needed security level for sure, all this is necessary for this project to work properly. But is OAuth2 (login via Facebook, Google+ etc) really needed ? Is a translation needed ? Is the avatar feature / gravatar feature needed ? Are the captchas necessary ? I think it's nice to keep existing features, but don't implement stuff that is beyong the most basic scope of the script.
2. Only build everything for the most common use-case:
Lots of frameworks are packed with features and options to make it runnable in every damn scenario, but seriously, is there any good reason to write free mainstream software for something else than for the latest PHP version running on the latest nginx/apache stack, handling a default MySQL setup ? If somebody really wants to use code on a exotic server distro or on Windows, with an old PHP version and a weird encoding, then it's something these people should implement on their side...
So, for HUGE this will mean: Let's keep the features are simple as possible, and only implement things that are absolutly necessary to make this project useful. Let's skip everything that does not focus on the basic idea behind this repo: To deliver a simple but secure user auth solution.
As usual, feel free to comment :)
Hey,
I never did much with PHP besides some simple functions and some wordpress hacks. I found HUGE by mistake and used it since then as a very lightweight easy to extend framework and to get more used to PHP. I have benefited from some of the additional, maybe obsolete elements. Of course a third-party login integration is not needed since they change there APIs all the time, but some of the fluff where quite useful for me. They offered a starting point.
For me the Avatar is a example how the framework works with uploads. Similar how the notes are a CRUD example...
So I would Agree with 2 but not with 1. But what would I know :)
by the way, thank you for your work!
So I think new features are cool, user can learn much from you just from reading the source code. But they should have something to do with a easy login system.
It would be cool if you could add support for two factor authentication for more security (e.g. Google authenticator or authy), even if it's not that easy
I don't think that Oauth2 in needed the way sites implement them is every changing and just annoying. The avatar/gravatar feature is pretty standard when it comes to login systems and its also a great demo of file uploads in Huge, Captchas are most definitely necessary. I personally use Huge in production and Captchas are needed to protect against bots.I personally have implemented languages into my version of huge however I also think that for the bar bone version (AKA this one) it is unneeded.
simplicity has been and is the best feature of this framework! So, it is better to keep it as bare-bone as possible! Let huge be a great skeleton! Where everyone can customize by appending! not by deleting!
I personally like the idea of keeping this project as simple as possible.
I would suggest though, that we make it possible to use some kind of modules for certain extended use-cases that people can provide. (see #498)
Just because this fits so well :) [by Richard Branson]
