My registration system usually asks for 4 things:
The user's full name, email address, preferred user name and password.
I want to add four oauth2 registration services so that users can create an account more easily and quickly.
I can see three methods to do this, or maybe there is something more elegant that I have not discovered. He wonders what to choose. I worry about user collisions and ease of use:
The user clicks on a button that represents one of the four services. They confirm that they allow authorization, and they are connected. They receive an email with their username selected by the server, and somewhere in the interface the username is also displayed.
In this scheme, the server will choose the user name of the service if there is no user name collision with my database. Yes there are is a user name collision, the server will add, for example, "2" to the username.
With this method, they click to authorize, and then they are asked for the username, either in the callback URL or on the original page, previously filled in with what the server thinks it should be. A little clumsy, but now they to know what username they receive, even if the email goes to spam.
Registration in two steps. The user (1) selects a username and then (2) on the next screen selects a full name / email / password, or to link it to a service through oauth2. Then (3) authorize the link.
- Method 1 is the simplest in general terms, but there is a risk that the user will lose or never obtain / see / confirm his username.
- Method 2 is a bit clumsy.
- I think Method 3 is pretty clean, but you need two steps to register. Regular inscriptions get longer now …
- Method 3 requires a block in a user name chosen in the interim steps:
Yes someone else create a user with our user name selected in step # 1, and our user is in step # 3, then the server should go back to Method # 2 or Method # 1. Alternatively, the username is blocked by a period of time, but the perimeter case still remains. In summary, Method # 3 is clean, but it takes a few steps more than the other methods and has cases of the latest generation.
Any thoughts on which method should I choose, if any?