Bug [https://bugzilla.mozilla.org/show_bug.cgi?id=314928 314928]
==Goals==
The Litmus Authentication System is designed to accomplish several goals:
* Manage user data related to testcase management, including information about the authors of testcases and test results.
* Utilize the existing authentication information maintained in the Bugzilla user table so that contributors that already hold Bugzilla accounts do not need a separate account to use Litmus.
* Allow more casual testers to contribute without the burden of creating a Bugzilla account.
* Users who begin without a Bugzilla account should be able to later "graduate" and link their Litmus account with their Bugzilla account.
* Maintain security and privacy of user data, including email addresses, such that users are comfortable giving out any personal information used to participate in Mozilla QA.
==Initial Features==
* Login
* Create account (Litmus-only or linked with Bugzilla)
* New login cookie for user state (with code-level security audit to follow)
==Questions==
* What (if anything) should users be able to do anonymously?
** One idea: allow result submission with only an email address, but encourage them to make an account as they keep submitting more and more results. Track remote IP address so we can ban abusers as needed.
** Require a Litmus account (easy to create with just email and password) for submission, allow the user to later link that with a Bugzilla account if they end up creating one.
*** This is probably our best option, since it would also keep it possible to use Litmus separately from Bugzilla as needed.
** Require a Bugzilla account for all result submission.
*** Not really a good option, as creating a Bugzilla account is entirely too much trouble.
==Privacy==
A collection of privacy rules or settings is required to govern when email addresses and other personally identifiable information is displayed. In general, we should tend toward not displaying information about casual testers/result submitters while displaying information about test authors and community leaders. In some cases, it may be more appropriate to display a real name only, but careful consideration should be given to avoiding user spoofing attacks since real names cannot be guaranteed to be unique.
==Why not an existing solution?==
While the CPAN has several resources for pre-built authentication systems for web applications, I (Zach) believe that the need for integration with Bugzilla's authentication table (but not the wholesale copying of the Bugzilla user database) is great. We certainly should not require casual testers to create Bugzilla accounts in order to contribute, but for those with accounts, having only one account offers distinct advantages.
==Proposed User Table==
<pre>
user_id
bugzilla_uid
login_name
email
password (crypt'd)
real_name
is_admin
disabled
(various preferences TBD)
</pre>
==Proposed Session Table==
<pre>
session_id (secure random token stored in login cookie)
user_id
expires
</pre>
