Integrate openid?

I would like to replace the custom user registration with openid, so customers only need to enter a username & password they already know to purchase from me. I don't need any of the registration fields but it would be ok if they were optional after the open id login. Any ideas?

Hi,

If you setup a simple customer account directly in the customer table and enter an id rather than an email address and give them the details for that this raises a few issues:

1. What about the customer email address?
2. What happens when the customer purchases something you need address information for payment.
3. You need address information for delivery.
4. Everyone can see what everyone else has bought through the invoices.
5. etc...

Phil.

OpenID is dead idea so need to move on..better to integrate gMail, yahoo or even stupid facebook

Hmm maybe not all that dead...

Quotes from the OpenID.co.uk website.

# Yahoo! and Microsoft: Still Testing OpenID Implementations
# Your MySpace Profile Is an OpenID
# Facebook Joins Board of OpenID Foundation
# PayPal: New Board Member of the OpenID Foundation joined on January 28, 2009.

Who is using OpenID?
Google
Yahoo! (and flikr)
Wordpress
Facebook
MySpace
AOL

phpuk wrote:1. What about the customer email address?
2. What happens when the customer purchases something you need address information for payment.
3. You need address information for delivery.
4. Everyone can see what everyone else has bought through the invoices.
5. etc...

http://openid.net/add-openid/

openid wrote:Accepting OpenIDs gives access to a rich set of user data that would otherwise require the completion of lengthy registration forms to obtain. Many OpenID providers collect and share a wide range of demographic information, including name, date of birth, location, gender and an email address.

Just because customer logs in via OpenID doesn't mean you can't ask shipping address, payment address during checkout process or maintain an address book for that customer - or order history for that matter....

This is important. Perhaps someone should have another look at the integration possibilities....

I would also like to see support for OpenID.

If it's a new user logging in with OpenID, store the OpenID name then present the page(s) to fill in the rest of the information such as mailing address. OpenID 2.0 allows for some information to be transferred automatically such as email address (if the owner of the ID allows it).

I also think OpenID is a MUST in any new web-app. If we ask for a pasword to our customers, we are asking them to trust the way we deal with it. They will never be sure if we hash it or if we store it as plain text, if access to our databese won't be compromised... And there is no need to ask them for that, we have OpenID. As Jeff Atwood writes in The Dirty Truth About Web Passwords

the dirty truth about website passwords: we're all better off without them. If you'd like to see a future web free of Gawker style password compromises -- stop trusting every random internet site with a unique username and password! Demand that they allow you to use your internet driver's license -- that is, your existing Twitter, Facebook, Google, or OpenID credentials -- to log into their website.

There is no problem if you don't get the customers address or any other detail from the OpenID server, opencart will ask the customer for the shipping or billing address when he places the order... what's wrong with that?

Having said this, here you have a patch to the opencart 1.4.9.5 code (remove the .txt extension). You can see it working at our site Módulos de pago

I also attach the diff file but it lacks two new files /system/library/openid.php and catalog/view/theme/default/image/openid.gif ->

Personally I was fond of the idea of OpenID but I think it missed its mark for the majority. I personally never use real info on most sites that ive seen offer openid.. and I've never seen any stores that I've shopped at use it.

But thanks for the patch and I will take a look at it.

Probably you are looking for this?

Social Sign in - OpenCart - http://www.opencart.com/index.php?route ... on_id=1997

that allows you more than one providers integration for the user to signup / login with... like facebook, twitter, Google, yahoo, openid etc..

I will not patronize a store that would share my personal information with anyone else. It is an invitation for ID theft. Yahoo, Google, etc., do not, and never will, have my personal information. They have no legitimate reason for it. Unlike customers of an OpenCart store, services like FaceBook and MySpace that tend to subscribe to common log schemes do not have a financial relationship with their user base.

ZhenIT Sofware wrote:I also think OpenID is a MUST in any new web-app. If we ask for a pasword to our customers, we are asking them to trust the way we deal with it. They will never be sure if we hash it or if we store it as plain text, if access to our databese won't be compromised... And there is no need to ask them for that, we have OpenID.

And if you outsource your store's security to an organization like OpenID, what legally binding guarantees do you have from that agency that their fiduciary trustworthiness is better than yours? Will they cover your store's losses in the event of fraud? This is an order of magnitude more insecure than asking a customer to trust you and your store. This is asking a customer to trust your faith in a third party over which you have no control.