Handle payment server token expiration more gracefully #1694
Follow-up to #881
Payment server gets a token with a short expiration. That means the user could more likely be in the middle of something when it expires.
Currently, we sometimes bounce back to the settings page on the content server when this happens. Other times, we just report errors. This should be smoothed out into something with better UX - automatic token refreshes? Something else?
referenced this issue (Jul 8, 2019)
This might be blocked by #1696 if we want a resolution here to be that the payment app silently requests to refresh its short-lived token and retries the operation. (i.e. the user attempts to submit payment to subscribe, but they took longer than the token lifetime and so the request fails unless we get another token)
In fact, we might want some product / UX thinking on this one, too...
Adding needs:product and needs:ux labels. Here's a rephrasing of the problem:
When the user arrives at either a product payment page or the subscription management page, they're sent in with an access token. That access token allows the payment pages to make API calls. The API calls accomplish whatever the user's there to do - e.g. pay for a new subscription, update their current card, cancel subscriptions, etc.
For security reasons, that access token has a short lifetime - which currently defaults to 15 minutes. After that lifetime expires, it's no longer usable to make API calls and the user needs to somehow acquire a new one. In terms of UX & product, that means if the user takes longer than the access token lifetime to complete a task, that task will fail with an error.
So, what can we do about this in terms of UX & product? Depending on how #1696 works out, maybe we can just request a new access token? Otherwise, we might need some UX finesse to walk the user through starting over with their task, which seems less than happymaking. (e.g. if the user's in the middle of typing out a credit card number, they'd need to do it again after a page refresh)
We might be able to tweak the access token lifetime, too - though that has security implications and I seem to recall we wanted to make it shorter, in fact.
referenced this issue (Jul 10, 2019)
Got a positive answer on refreshing the token in #1696 - so I think this de-escalates from needing any product or UX decisions. I think we can just push refreshing the token into the invisible background and not have to surface it as a concern to the user.
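A background refresh-and-retry wrapper of the kind this thread converges on, added here as an example rather than code from this issue or the project; `refreshAccessToken`, `submitPayment` and the fake server are assumed, constructed stand-ins for the real payment API, and expiry is signalled by a `TokenExpiredError` thrown from the request.

```javascript
// Added example (not from the issue or the project): refresh an expired short-lived
// access token in the background and retry the API call once, invisibly to the user.
class TokenExpiredError extends Error {}
function createApiClient({ initialToken, refreshAccessToken }) {
  let token = initialToken;
  let refreshInFlight = null; // concurrent callers share one refresh request
  function refreshOnce() {
    if (!refreshInFlight) {
      refreshInFlight = refreshAccessToken()
        .then((fresh) => { token = fresh; return fresh; })
        .finally(() => { refreshInFlight = null; });
    }
    return refreshInFlight;
  }
  // request(token) performs the call; retry exactly once so a broken refresh
  // endpoint surfaces as an error instead of looping forever.
  async function call(request) {
    const used = token;
    try {
      return await request(used);
    } catch (err) {
      if (!(err instanceof TokenExpiredError)) throw err;
      if (token === used) await refreshOnce(); // skip if another caller already refreshed
      return request(token);
    }
  }
  return { call, currentToken: () => token };
}
// Constructed stand-in for the payment server: 'tok-1' has expired, 'tok-2' is fresh.
function makeFakeServer() {
  let refreshes = 0;
  return {
    refreshAccessToken: async () => { refreshes += 1; return 'tok-2'; },
    submitPayment: async (token, amount) => {
      if (token !== 'tok-2') throw new TokenExpiredError('access token expired');
      return { ok: true, amount };
    },
    refreshCount: () => refreshes,
  };
}
// Two calls race while the token is expired: one refresh, both calls succeed.
async function demo() {
  const server = makeFakeServer();
  const client = createApiClient({ initialToken: 'tok-1', refreshAccessToken: server.refreshAccessToken });
  const results = await Promise.all([
    client.call((t) => server.submitPayment(t, 500)),
    client.call((t) => server.submitPayment(t, 700)),
  ]);
  return { results, refreshes: server.refreshCount(), token: client.currentToken() };
}
demo().then((r) => console.log(JSON.stringify(r)));
```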