To-dos

Anahita Project

Anahita Project's To-dos

Rastin Mehr

Rastin Mehr

September 11 2011

Configurable vanity URL for the user profiles

Preferably a user or group actor admin should be able to search and reserve a unique url within an Anahita installation. #features
  • Priority: low
Unknown Person liked this
Andy Nash
Andy Nash
September 12 2011 Permalink
On the one hand, the vanity URL people will want is probably often the same as their username, and usernames are unique.

On the other, a profile URL that gives away a username could I suppose give attackers a helping hand.

In the case of sites that use email addresses to log in (in my opinion this should be default for a number of reasons, but its not my call, plus its not the way Joomla works out of the box), this is not a problem, though on my site I would need to prevent username login (currently you can use either), but this would not be difficult.

Currently, I display the username field at signup, but tell the user it is a vanity URL field. Vanity URLs are not yet implemented though - I was planning on using Nginx's ability to to route a URL based on an SQL lookup (e.g. select $userid where username = $username, map site.com/vanityurl -> site.com/people/profiles/$userid). I'm assuming this rewriting would be cachable of course.

Given the above, what are your thoughts? Do you plan to create a new field for the vanity URL, or re-use the username?

If the latter, great, if the the former, I guess I will probably need to ensure:

1. The username field is removed/hidden at signup and the email address is used to populate it.

2. The new vanity URL field replaces the username field (no change to user experience - text and form looks the same, just a different form field with the same description).

I'm not sure whether you have got that far yet (and I'm not bothered either way really), but if you have I can plan those changes my end...

Additional Information

Powered by Anahita