LastUser is a identity aggregating web service written in Python using the Flask framework. It provides an OAuth server that proxies for various popular identity providers.
3. LastUser is an identity
aggregating web service
LastUser
Your App 1 Your App 2 Your App 3
4. A simple goal
Login identifier that
Login
users can remember
Relief from password
Password
management
Submit
No user registration.
Just login and use
12. Contrast with email Addresses:
kiran@hasgeek.in
Change one character and it’s no longer
valid. Users are conditioned to type them
in exactly every time
24. Connecting identities
Users sometimes login with
a different service provider
Accounts can be connected
if there is a common id
Twitter does not provide an
email address
GitHub provides only
md5sum of email via
Gravatar. Can be connected
if email is already known
29. OAuth 2.0 has two parts
OAuth OAuth
Authorization Resource
Server Server
1. Request an OAuth Client 2. Use token to
access token access resource
30. OAuth 2.0 has two parts
OAuth 2.0 doesn’t
specify how this
OAuth OAuth
bit works
Authorization Resource
Server Server
LastUser does
1. Request an OAuth Client 2. Use token to
access token access resource
33. Pending work
Seamless login UI and pure client-side JS login API
Non-web login flow
Authorization to resource server communication protocol
Support for token types other than bearer tokens