Designing the clone
For this chapter, we will be building a no-frills photo-sharing application called Photoclone, hosted at the domain http://photoclone.saush.com.
Authentication, access control, and user management
Authentication and user management follow a route similar to the one we took in Tweetclone. As before, we will use RPX to proxy the third-party authentication providers we want to use. However, unlike in Tweetclone, we're not going to provide any APIs, and therefore we're not going to use any client authentication. In this case, we're not going to restrict ourselves to Google's authentication mechanism as we did before.
This means that for user management, the functions are again split between Google and Photoclone. The functions that let users change their profile, manage their passwords, and generally secure their account lie with the authentication provider. However, Photoclone requires a user entity to manage the user-to-user relationships as well as photo ownership, and therefore we store...