All the recipes can be seen and edited by anyone
Opened this issue · 5 comments
And deleted, not sure this is something we want in the end.
Yep! I guess we should do some authentication ;)
What do you think of making the editor independent from the Kinto server backend?
What I have in mind is an authentication page, where you specify the kinto server, bucket name, username and password.
This way, the editor would be just a user interface to recipes hosted anywhere.
That's a good idea. However, I guess that almost nobody has a Kinto server, and (even if it's easy to host one) they probably won't care.
So, my take on this is that we:
- should provide them with a way to authenticate by providing a user/pass. From the user we derive the collection name. And the bucket name always stays the same (i.e. vieuxsinge-editor?).
- provide a way to change the server, but the option is not too visible (e.g. accessible after clicking an "advanced options" link?)
- should then think about a way to share the recipes, maybe? (should everything be public? I would say yes)
Also, what happens when someone starts editing a recipe? Should we first ask them for a login/pass? If so we should state clearly that no other registration mechanism is needed, and that it takes just a few seconds to enter (it makes it harder to use the software, if people just want to do their recipes, and don't care about their user/pass).
Agree with you on authentication and hiding advanced options.
For recipe sharing, I was more thinking of something like what we've done in ihatemoney.
You provide a project name and password and everybody can read/edit/delete.
For new recipes, I like the way it is done in malt.io:
http://www.malt.io/new
You can create/edit a recipe, but it will not be saved until you log in.
For sharing, I believe it might be cool to have a checkbox stating if you want to share it or not (which would be "on" by default), because I like the idea of using this as a book you can also see to others (and maybe integrate in other websites). In terms of code, it's just a matter of adding some permissions on the collection / bucket when you create it.
OK for the rest :)
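
The permission scheme discussed in this thread (one collection per user, a "share" checkbox that is on by default), sketched as an added example that is not part of the thread or the project's code. The server URL, the function names and the credentials are assumptions; the bucket name is the one floated above, and `system.Everyone` / `system.Authenticated` are Kinto's built-in principals.

```javascript
// Added example; helper names and sample values are hypothetical.
const EVERYONE = 'system.Everyone';           // any client, including anonymous
const AUTHENTICATED = 'system.Authenticated'; // any client that sent credentials

// Works in the browser (btoa) and in Node (Buffer); ASCII credentials assumed.
const toBase64 = (s) =>
  typeof btoa === 'function' ? btoa(s) : Buffer.from(s).toString('base64');

// Describe the request that creates one user's recipe collection.
// No "write" principal is listed: Kinto grants write to the creator only,
// so "shared" recipes are readable by all but editable by their owner.
function buildCollectionRequest({ server, bucket, collection, username, password, shared = true }) {
  const permissions = shared ? { read: [EVERYONE] } : {};
  return {
    method: 'PUT',
    url: `${server}/buckets/${encodeURIComponent(bucket)}/collections/${encodeURIComponent(collection)}`,
    headers: {
      'Content-Type': 'application/json',
      'If-None-Match': '*', // create only, never replace an existing collection
      Authorization: 'Basic ' + toBase64(`${username}:${password}`),
    },
    body: JSON.stringify({ permissions }),
  };
}

// Audit a Kinto permissions object: report every grant that lets anyone
// (or any logged-in user) modify, delete or create objects.
function findOpenWrite(permissions) {
  const findings = [];
  for (const perm of ['write', 'record:create', 'collection:create']) {
    for (const principal of permissions[perm] || []) {
      if (principal === EVERYONE || principal === AUTHENTICATED) {
        findings.push(`${perm} -> ${principal}`);
      }
    }
  }
  return findings;
}

// Constructed samples: a world-writable bucket like the one this issue
// reports, and the request for a shared collection owned by "alice".
const openBucket = { read: [EVERYONE], write: [EVERYONE] };
const sharedReq = buildCollectionRequest({
  server: 'https://kinto.example.com/v1', bucket: 'vieuxsinge-editor',
  collection: 'alice', username: 'alice', password: 's3cret',
});
console.log(sharedReq.method, sharedReq.url, sharedReq.body);
console.log(findOpenWrite(openBucket)); // the grant behind this issue
```

The same audit should also be run on the bucket's permissions, since a write grant on the bucket applies to every collection inside it.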