Hi everyone,
To let users access their personal space on a Nextcloud instance, we can use a native OAuth2 client.
However, accessing shares is a bit different: the user needs to provide a share token (that identifies a share on the current instance) and optionally a share password.
What this means for the UI is that we end up with two different login behaviors depending on what the user wants to do. This proposal is to gather feedback on the different ways we could handle that:
1. Unified configuration with multiple login options
Here, the Cristal administrator would not need to do anything more than adding a configuration for the Nextcloud instance, including the OAuth2 client id and secret to support personal space access.
To use a public share, the user would do all the work and go through a login modal, which could look like this:
Inconvenients: each user needs to configure the shares they want to access, and they need to use a log-in menu to switch between what can essentially be seen as configurations. The log-in menu might also be packed with too many things for users that don’t use shares.
2. Separate configurations
Here, the Cristal administrator would set-up a configuration for personal space and a configuration per different share.
Advantages: the users don’t need to do anything else than, optionally, provide the share passwords. They would switch between configurations like they are supposed to in the same way as they would switch between a XWiki and a GitHub instance.
Inconvenients: the users are limited to the shares configured by the administrator, and every user could see every share available at all time (even the one they don’t use, or at least unless we rework the modal showing the available configurations).
3. Separate configurations for personal and shares only
Here, we reach a compromise by only separating the login methods. When using the personal space configuration, there would be no modal and the main Log-in button would start the login process through OAuth2. Another configuration would be use to access shares and the login would be similar to the screen I showed in 1, minus the first section.
My only concern here is whether or not it’s intuitive for a user to have this distinction.
Personally, I would be -1 for 2, and I can’t decide between 1 and 3.
WDYT?