Skip to content

Introduce display name in relation to usernames

Problem description:

  • "Usernames" shall not be public but "Display Names" shall
  • "Usernames" cannot be changed but "Display Names" shall
  • "Usernames" are used for authorization
  • "Display Names" are public pseudonyms for "Usernames" and shall become the publicly visible name for a user

Solution:

In upcoming dmx-platform we introduce two new types:

  • Topic Type "Name" (Simple, Text)
  • Assoc Type "Display Name" ("Simple, Text) for relating "Usernames" and "Name"

The nickname will then be stored in direct relation to the username

"My Login Name" (Username) -- Assoctype: Public name -- "My Public Nickname" (Nickname)

To make use of these new types dmx-platform must be extended about the following privileged calls:

// method signatures are only proposals 
boolean hasDisplayName(String username)
void getDisplayName(String username)
void changeDisplayName(String username, String newDisplayName)

I know this is far from optimal (3 years ago we already sketched a more enviable path dmx-platform/dmx-platform#74) but it seems this is now the quick way to become GDPR compliant.

With those extensions on platform-level, the dmx-sign-up module shall be extended like this:

  1. The account creation form an additional new "Name" field
  2. With platform support, users can change their "Display Name" through a custom authentication workflow (as in the to password-reset workflow)
  3. To support the latter, "sign-up" dialog for self-registration could be extended about an additional "Display Name" dialog

As "Display Names" shall be publicly READable (=reside in "System" workspace) AND while users must be able to edit/change them, we must secure the privileged core call on the level of the dmx-sign-up module, e.g. through implementing an authentication workflow relying on a users "Email address" (alike in place for "Password reset").

@jri: Please tell me if the above mentioned model changes and service calls were introduced to the current dmx-platform snapshot. I (or someone else) could then adapt dmx-sign-up accordingly so this does not block you in your project.

FYI: @jpn

Edited by Malte Reißig