Monthly Archives: November 2008

Correctly Handle OpenID Updates

OpenID is pretty well established as a login infrastructure, but a topic often ignored is correctly letting the user change his saved OpenID. Don’t just save the text they enter! Verify that they’ve entered their valid OpenID. The user model needs to pass this test: The view on /account/edit needs to pass this test: And, […]