{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Emotional °昔 的问题《Polymer 1.0: How to design a modern authentication》','https://www.manongdao.com/q-587746.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Our Challenges:
It seems to me The Polymer 1.0 developer community faces the following challenges right now:
We have no user auth UX example to follow. This Stackoverflow question requests a user authentication UX example. And describes why it's needed. This Github issue also documents multiple user requests for such a user auth UX example. And there has also been lots of anecdotal chatter on the Polymer Slack Site about this issue as well.
Modals don't currently work inside
<paper-drawer-panel>. This open bug issue report, this Stackoverflow question and its accepted answer collectively prove that a bug requires<paper-dialog modal>elements must go outside any<paper-drawer-panel>element in order for themodalto render properly (i.e., in front of the modal's backdrop, not behind it). This issue report and this Stackoverflow question also verify same.But modals inside panels have become the defacto standard auth UX design. It seems to me a principle of modern web app design that user authentication buttons (e.g.,
loginandsignup) go inside the equivalent of whatever version or "analog" of<paper-drawer-panel>any given web app happens to use. (Also, these auth buttons usually appear in the upper right corner of every screen of the app until the user logs in. Then they are replaced with an icon or link indicating login status.)
Code Examples:
Refer to the code examples contained here (in the question and answer). That code would be the same for this question too.
Question:
How do we, the Polymer 1.0 development community, best meet these challenges and build the best user auth UX experience possible? Perhaps there is a mistake in my facts or assumptions stated above? Perhaps someone has a direct (or workaround) solution they can share? Perhaps someone from Google's Polymer team would like to chime in? Any and all ideas, suggestions, feedback and answers are welcome.
On this bug report rubenstolk provides a hack-fix as follows:
I have tested it and verifies that it works. So for now, that solves challenge #2 in the question. Therefore, I suppose it is sufficient for now to wait until the bug is fixed.
I modified the PSK adding a login form, made out of a paper header panel, modifying routes for unauthenticated users and hiding the toolbar, by default. This is done with
The UI reappears with
This is just the beginning of a solution. For a complete solution, I would like an iron auth element supporting generic host and usual OAuth sites.