I spent some time searching for this and have not come up with much.
Has anybody implemented or tried to implement user authorization (read:
limit users that may sign in) with Janrain?
I think there are two possibilities here... The first possibility falls
under standard authorization where you define a "list" of users that are
authorized somewhere in db.auth* which is consulted at login. Of course,
there is a potential issue with impersonation where someone other than the
intended user registers a FaceBook, LinkedIn, etc account...
The other path would be to either gate registration similar
to auth.settings.registration_requires_approval = True for builtin
authentication. That should be fairly easy to implement. OR.. Leave the
Janrain user creation alone and assign a group permission to controller
methods. The downside here is existing site code would have to be
refactored if someone wants to go from local auth to janrain. For example,
@auth.requires_login() would have to become
@auth.requires_membership('authorized') for the same level of security.
Would anybody (besides me) be interested in this?
I could work up some code
