Authentication API

[McCrea]

We should have, like, an API which handles authentication.
We have such an API at the moment, but it could be improved somewhat - mainly to support multiple methods of authentication. This should then be integrated with the improved users API which is being discussed in #170.

[notchris1]

I agree, probably change the existing users pal into like googleauthPAL or something, what else needs investigation, twitter, Facebook for All the blogging flow cytometrists. what about django's auth system

[McCrea]

That sounds sane.

[notchris1]

I'm assuming we are going to want to have an interface with unique Id, provider, nickname and email

[McCrea]

That would sound sensible.
Some research into the other available methods for authentication will be required in order to find out if we need to store any other information.
We can always store some extra information as JSON (or just as part of a Python object where supported - like NDB) if anything has any really obscure requirements.
Obviously a uniform record structure for authentication/user information would be desirable.

[notchris1]

yeah, It would be prudent then to make a list of common auth providers then, and work out common elements.