feat(client): Better handling of deleted accounts on /force_auth #3419
feat(client): Better handling of deleted accounts on /force_auth #3419
Conversation
4fc4265
to
f551600
Compare
var self = this; | ||
return this.invokeBrokerMethod('afterForceAuthError', account, err) | ||
.then(function () { | ||
return SignInView.prototype.onSignInError.call( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Re add the UNKNOWN_ACCOUNT
branch before the SignInView method.
458883e
to
594e622
Compare
This has turned up bugs all over the place, both browser and content-server. I'm going to file some issues tomorrow. |
66e5990
to
6a05ab1
Compare
730e32a
to
fb5d9d3
Compare
@@ -139,7 +144,7 @@ define(function (require, exports, module) { | |||
}, | |||
|
|||
_selectAutoFocusEl: function () { | |||
var prefillEmail = this.getPrefillEmail(); | |||
var prefillEmail = this.getPrefillEmail() || this.model.get('forceEmail'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this.model.get('forceEmail')
should go first.
PR #3419 was out of control, largely due to functional test refactoring. I took the refactoring out of that PR into this PR. * Use new helper functions to reduce boilerplate * Add helpers.openForceAuth * Update helpers.openFxaFromUntrustedRp and helpers.openFxaFromTrustedRp to take an options block instead of urlSuffix and trusted/untrusted flags. * update helpers.fillOutForceAuth to skip entering the email if `options.enterEmail` === false
a3ed595
to
d8c59da
Compare
PR #3419 was out of control, largely due to functional test refactoring. I took the refactoring out of that PR into this PR. * Use new helper functions to reduce boilerplate * Add helpers.openForceAuth * Update helpers.openFxaFromUntrustedRp and helpers.openFxaFromTrustedRp to take an options block instead of urlSuffix and trusted/untrusted flags. * update helpers.fillOutForceAuth to skip entering the email if `options.enterEmail` === false
PR #3419 was out of control, largely due to functional test refactoring. I took the refactoring out of that PR into this PR. * Use helper functions to reduce boilerplate * Add FunctionalHelpers.openForceAuth * Update helpers.openFxaFromUntrustedRp and helpers.openFxaFromTrustedRp to take an options block instead of urlSuffix and trusted/untrusted flags. * update helpers.fillOutForceAuth to skip entering the email if `options.enterEmail` === false
PR #3419 was out of control, largely due to functional test refactoring. I took the refactoring out of that PR into this PR. * Use helper functions to reduce boilerplate * Add FunctionalHelpers.openForceAuth * Update helpers.openFxaFromUntrustedRp and helpers.openFxaFromTrustedRp to take an options block instead of urlSuffix and trusted/untrusted flags. * update helpers.fillOutForceAuth to skip entering the email if `options.enterEmail` === false
74e0117
to
1d0621f
Compare
@@ -179,6 +179,10 @@ define(function (require, exports, module) { | |||
}, | |||
|
|||
transformLink: function (link) { | |||
if (! /^\//.test(link)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it worth using a regex for this? It looks like we're only interested in the first character, would something like the following be clearer?
if (link[0] !== '/') {
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You know, I'm so used to using RegExps for everything, I didn't think of the simple way to do it.
@shane-tomlinson, what are you talking about, I think this looks good! Considering the logic, it reads very clearly to me. 👍, r+, et cetera and so on. |
1d0621f
to
f2d0e81
Compare
Sync users who click "Manage account" are sent to the `/settings` page. A user may have to sign in via force_auth if their sessionToken is no longer valid. If the user deleted their account, they may have to re-sign up, or if they have already re-signed up, they may have to sign in. This PR checks whether the passed in email and uid are still registered before allowing the user to sign in. If no uid is passed: * If the email is no longer registered, allow the user to sign up again. If a uid is passed: * If the email is no longer registered and the broker supports a UID change, allow the user to sign up again. * If the uid is no longer registered but the email is, allow the user to sign in if the broker supports a UID change. * If the broker does not support a UID change, dead end for either case. Currently the only broker that allows a UID change is fx_desktop_v3. We can expand this functionality to other brokers once we verify support. fixes #3057 fixes #3283
f2d0e81
to
485433f
Compare
…er-delete-account feat(client): Better handling of deleted accounts on /force_auth r=@philbooth
PR mozilla#3419 was out of control, largely due to functional test refactoring. I took the refactoring out of that PR into this PR. * Use helper functions to reduce boilerplate * Add FunctionalHelpers.openForceAuth * Update helpers.openFxaFromUntrustedRp and helpers.openFxaFromTrustedRp to take an options block instead of urlSuffix and trusted/untrusted flags. * update helpers.fillOutForceAuth to skip entering the email if `options.enterEmail` === false
Sync users who click "Manage account" are sent to the
/settings
page. Auser may have to sign in via force_auth if their sessionToken is no longer
valid. If the user deleted their account, they may have to re-sign up, or
if they have already re-signed up, they may have to sign in.
This PR checks whether the passed in email and uid are still registered
before allowing the user to sign in.
If no uid is passed:
If a uid is passed:
allow the user to sign up again.
in if the broker supports a UID change.
Currently the only broker that allows a UID change is fx_desktop_v3. We can
expand this functionality to other brokers once we verify support.
fixes #3057
fixes #3283