We have a social networking site where people have contacts and we want it to be integrated with XMPP. We currently use ejabberd XMPP server.
Here are my questions:
How to properly create account? Right now, what I'm thinking is on user registration on our web app, we'd call a script that would execute an ejabberd command to create a user.
User authentication. Upon user login on our website, the user would be automatically logged in on the chat system. How do you do this on the client side with strophe.js? As I understand, you need to provide JID and password for authentication, so I'm thinking that on login, there would be an ajax call to get user's password, then use the response text on strophe.js' login call. Is this secure? Are there other ways to do this?
Presence registration. Our web app has a contacts system, but XMPP has its own way of adding contacts through presence subscription, right? Example: When user1 tries to add user2, an authorization would be asked to user2 before user1 can be a contact of user2. But since we already have a contacts system on our web app, we want to bypass this authorization of XMPP or suppress it and just authorize with a script/command when user2 confirms user1 as a contact on our web site. It's not clear to me yet but a colleague said this is possible on ejabberd's module mod_admin_extra (a command that will create a subscription without having to client-side authorization). Is it possible or do I have to manipulate the ejabberd database manually with a script (provided I transferred from the default Mnesia db to another db, say MySQL).
Thanks in advance.