[MTOS-dev] Beta 5 and the Comment Session Revamp

[Timothy Appnel]

As an addon to my initial questions I wanted to throw two things that
would be really helpful to a client situation I'm in right now.  I was
trying to work (hack?) these out on my own and then eventually submit
something as a MTOS patch, but while that code is under construction
perhaps this could be addressed.

There doesn't seem to be a way for a third-party commenter auth driver
to logout a user. From the code I was working with clicking signout
calls MT::App::Comments::handle_sign_in, but the logic never
runs/calls the Auth drivers handle_sign_in method UNLESS its the
TypeKey driver. (It doesn't seem to the TypeKey has been as abstracted
from the core as the rest of the systems.) Really there should be a
separate handle_sign_out method used, but I'll take anything. The
reason I need it is so I can kill the client's "main" site
authentication system cookies and truly sign out the user.

Also, In order to provide a seamless experience with their main
website I need to be able to automatically log a user that has already
authenticated with the mothership. Through an encrypted cookie, I can
tell if they have authenticted and the basic information MT needs for
its system -- username, display name, email. The thing is MT's
commenter auth drivers and associated JavaScript assumes some type of
input is required. There is no way of saying the user has said cookie
there for I can create an MT session for them right away.

While I have a personal interest in these two scenarios, I don't the
scenario I'm looking at is uncommon for what other integrating MT
blogging in to a larger site with authentication would face.

Thoughts?

<tim/>

-- 
Timothy Appnel
Appnel Solutions
http://appnel.com/