Default avatar
npub1ncda...r8ar 2 years ago
Sure, but here we are talking about 2 things here 1. the nsec.app flow (or any other provider) which IMO should provide a leaner option - specifically with no modals and no popups. 2. the styled button to "bind them all" has a different purpose and yes, provide great utility as a drop-in solution. So yes, my "objections" is mostly to the modals/popups in nsec.app flow. I still owe @npub1xdtd...ntxy a proper github issue about that. In respect of the window.nostr.js button UX I would argue that in the Standard Oauth user click on the familiar Google icon, does not have to type in your email address. But yes, how would the Login button know which provider to call without the address? Then maybe an option to just "pick a provider" and show a list would be nice, I guess.
↑ Parent

Replies (2)

Default avatar
npub1xdtd...ntxy 2 years ago
I don't think we should have 'login with nsec.app' buttons or any other provider-specific naming/branding deployed by apps. People are kind of used to remembering and entering their email to sign in to apps, so entering nip05 should not be a huge friction, it's very familiar. The @domain part can be auto-completed based on a published list of providers to simplify things. Popups can be avoided - you can redirect users to auth_url instead of showing a popup. The question of callback_url remains, there is no standard for it out there, if you're ready to advocate for it you can join the new-nip46 discussion on github. Btw I will also try showing auth_url in an iframe, not popup - should provide more control over how it looks and behaves. You feedback was noted and I have issues for it on our github.