On Sun, Jul 29, 2018 at 8:16 AM, Sam Wilson <sam(a)samwilson.id.au> wrote:
On 29/07/18 00:35, Gergo Tisza wrote:
On Sat, Jul 28, 2018 at 10:37 AM Sam Wilson
<sam(a)samwilson.id.au> wrote:
I've been wondering about how this sort of thing would work as well, in
the context of a Piwigo plugin that I've been
working on for easily
uploading photos to Commons (or any MediaWiki site). It seems the
easiest way to do it is to get users to register their own personal
(owner-only) OAuth consumer (which I think never requires approval?) and
then have them enter the consumer token in the app.
I'd say that's the hardest (although it could be made more user-friendly
with some effort).
See
https://phabricator.wikimedia.org/T179519#3727899 for other options.
Good point: I guess I meant "easiest" as in "closest to getting oauth
working"! :) But yeah, hardly simple from the user's point of view.
I was thinking that bot passwords are generally discouraged as part of a
normal user workflow. I'm probably thinking too strongly though, and it's
fine to direct people to Special:BotPasswords. Although, by default it does
say "If you don't know why you might want to do this, you should probably
not do it." which might be discouraging to some people. Still, easy enough
to spell out what's going on before sending people there.
, is
this implemented like it should? is there any difference from "any"
application or applications on the tools server? am looking at the code
here currently: