[dopamean]

>Gipher has the main features we can find in any modern single page application:

>facebook authentication

What? Authentication with Facebook is a "main feature" of modern single page apps?

I'm not on Facebook and so there are all sorts of things I cant use that require auth with Facebook. This little app does not seem like something that needs Facebook auth to work.

[derefr]

Not the creator, but at a guess (from seeing a lot of apps that do this): the app doesn't strictly require Facebook in particular—but requiring a Facebook account is a popular and simple proxy-method of deduplicating your users so that people can't vote multiple times. Basically, it's a very cheap KYC solution, on about the same level as domain-verification for TLS certs.

I've been thinking for a while of creating a service that's specifically and only for this—an OAuth provider that gets your personal details the way Facebook does and enforces one-account-per-person, but then doesn't actually transmit your identiity to the site using it for OAuth. You, as an app developer, get to know each of your accounts represents a unique human, but don't get to know anything else about those humans.

Alternately, the OAuth provider could be set up so that each human can have multiple pseudonymous accounts on your service (picking at OAuth login time which one they want to use), allowing for creation of cheap "throwaway accounts"—while still giving the site the ability to ban an abusive human altogether, without knowing enough to link the accounts together. To the site, it'd simply look like they ban one account (as an OAuth provider API call), and then the other accounts just never sign on again.

[EGreg]

The best way to prevent rigged voting is not to let the users select what's being voted on out of a large pool. Polling is better!

[cloudjacker]

Clef does this. I implemented it in an app as a proof of concept.