The Problem
I'm writing a standalone desktop application in Haskell and I would love to have an authentication support in it. I want the user to be able to log into this application by google / facebook / etc account.
Some Research
I've found some protocols and related haskell libraries:
Yesod
(web framework) and the second supports OAuth
version 1.0
(currently there is version 2.0
available)The Question
Is it possible to create such authentication in standalone Haskell application? What library should I use? Or maybe I should write it in C++ and use it from Haskell?
The main requirements are:
Original answer
OpenID works by sending the user to its provider's website and then redirecting it back to the "relying" website (cf OpenID spec). This process requires a web browser, so you either have to integrate one into your application or open one up. In the latter case you also need a way to get the result of the authentication process, either by asking the user to copy-paste it or by running a web server on localhost.
Second answer after question update
- The authentication mechanism should work in standalone application on all major platforms (Linux, Windows, Darwin)
- The authentication mechanism should work with application without gui.
Without a GUI, the best solution probably is to just prompt the user for his password. OpenID and OAuth 1.0 don't support this use case, but OAuth 2.0 does. authenticate-oauth and hoauth don't support the 2.0 protocol, but there is an hoauth2 package.
Third answer after further details given in the comments
User will be allowed to create accunt in a web service (and login using exisitng google / (etc) accounts). He will also have the possibility of downloading standalone applciation, which after execution will prompt him to login - to synchronize the settings, accounts etc.
In that case I think the simplest solution is to generate a unique "app key" for each user. He can then enter his user name and app key in the standalone application to authenticate himself to your website. This method avoids asking him for his Google/etc password, which he may not even know if he uses a password manager.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With