> Also, I had the idea of being able to login which would tag your > changes with your username. This would make it easier to search for > what other people have written, and to keep tabs on your own edits. > > For non-logged in users we could offer a textbox for name/email > which they could fill in. Of course, in the spirit of allowing > anonymous users to contibute, we could pre-fill the box with > 'Anonymous' so nobody would think they had to log in.
I like this idea. Right now, the Archive page (using info directly from the RCS delta files) is only showing Anonymous, because nobody is logged in. Actually, MiniWiki feature has the feature of forcing logins, but I never enabled it for the nyetwork.org/wiki site. I didn't like the idea of forcing global login, as it reduces the entry barrier for new users.
Currently, there is already code for letting users change their passwords (using Apache::Htpasswd). What I'd need to add is a couple of pieces of code:
1. Add a link to the navbar, called "New Account" 2. Add a link to the narbar, called "Login" 3. A mod_perl PerlAccessHandler, that checks if the user clicked login (?login=1), and if so sends the HTTP header to request basic auth. 4. All further edits will use the $r->user variable when committing to RCS. 5. Logout will not be required, since as soon as you close your browser, you'll be logged out.
As far as lost passwords, etc go, I'd follow the KISS paradigm, and have people email me. Unless this site blossoms to 100+ accounts, it should be fine. No point in complicating things.
Many of the big Wiki sites (c2.com, twiki, etc) have a convention (not enforced by code) that when you change something, you add a comment somewhere in the page about what you changed, and sign it with your name. That way, logins still aren't enforced.
One of the evolutionary things about MiniWiki, is that it shows the RCS log information more prominently. So, if we add these little bits of code it becomes trivial to look back and see where every word originated from, and when.
I have a simple mechanism which doesn't require any special access handlers, for use when you want to require people to login (as I do) prior to editing, but they can view pages (and possibly add to them, when that feature is available) without doing so. Basically this is similar to using your custom access handler, but I couldn't get that to work.
You have your normal wiki config without any auth:
<Location "/wiki"> PerlAddVar datadir "/home/www/wiki/data" PerlAddVar vroot "/wiki" PerlAddVar authen "/home/www/wiki/auth/htpasswd" SetHandler perl-script PerlHandler Apache::MiniWiki </Location>
And then you enforce logins for editing and saving (anything else?)
<Location ~ "/wiki/\((edit|save|revert)\)"> AuthType basic AuthName "Wiki Editors" AuthUserFile /home/www/wiki/auth/htpasswd Require valid-user </Location>