You can let people register or log in with one simple line of code:

​

Q.Users.login();

​

Users will also be able to bookmark your apps on their home screen as a "web app". This increases engagement, one of the most important metrics for a social app.

The user can log in using their email or mobile phone, or even an external provider like facebook. The dialog is built to feel native even on mobile phones.

People without an account can use the same dialog to register and try the app without up a password or checking for a confirmation email.

If they like it and come back in the future, or from another device, they will be asked to set up a secure passphrase.

Passphrases are much more secure and easy to remember than passwords. Qbix takes the additional step of recommending passphrases based on excerpts from Yahoo News or randomly generated phrases, helping users set up passphrases which are actually hard to guess.-Implementing a correct OAuth 2.0 flow so that the native apps can recognize the user without needing a password

On the server side, Qbix (actually the Users plugin) automatically sets up all the tables you need to store user info when you install the app. That includes storing passhprases securely (hashed using key stretching and and salting), to prevent rainbow table and other attacks. User sessions contain measures to prevent cross-site request forgery, session fixation, and other attacks.

Qbix has many good reasons to standardize the user system. Besides making it easy to create social apps out of the box, Qbix also helps ensure best practices for users of those apps, and promotes a common experience so that users can know what to expect. Apps built on Qbix can all make use of users, invitations, contact labels, access control (roles and permissions around contacts), in a way that users can get used to and plugin developers can rely on, improving the social app ecosystem.  

The Qbix Users system also correctly implements oAuth 2 and more. But it goes far beyond oAuth 2, allowing Qbix apps to run on a completely decentralized social network, where all the users -- people and organizations -- can own and publish their own data, and interoperate with one another.