Openid: very smart, not that hard to implement

It’s amazing how something that otherwise seems very complicated can become manageable just by tapping into the right library, grabbing some sample code and add the little flare that excites you. That’s the gist of my experience implementing openid on grubsnitch.com, an experimental community website. Ever since I first heard about openid I wanted to support it on the site. For a small site reluctance to signup to “yet another site” is the biggest hurdle in acquiring new users. Now with openid the users can choose to trust me with their password information or simply have those responsibility handled by their openid provider.

If you are interested in implementing it on your site you should check out Dan Webb’s No Shit Guide To Supporting OpenID In Your Applications. I used that tutorial as a base for my implementation but added the ability to have regular users to live in harmony with openid users. I am working on extending Dan’s tutorial to include those features which will also have the potential of allowing users to change how they authenticate with the site according to these two use cases.

1. A user discovered grubsnitch.com a while back and made some great restaurant reviews but now has discovered openid and wants to use it in as many places as possible. If the openid users and regular users share a user model then that becomes a possibility.
2. User who was very sceptical of grubsnitch.com but decided try it out by authenticate through openid but then realized the great value of the site or didn’t like openid and wanted to change how they authenticate with the site.

This approach is hinted at in the comments on Dan’s post but not elaborated further. For general info on openid check out Simon Willison screencast and the opendid website.