Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle invalid contractId on /login/ request #219

Closed
kcole16 opened this issue Nov 5, 2019 · 2 comments
Closed

Handle invalid contractId on /login/ request #219

kcole16 opened this issue Nov 5, 2019 · 2 comments
Assignees
@marcinbodnar
Labels
Bug Something is not working as it should Priority 1 Top Priority

Comments

@kcole16
Copy link
Contributor

kcole16 commented Nov 5, 2019

Problem
If the contractId is wrong in a /login/ (e.g. login/?contractId=THISDOESNTEXIST) request from an app, a useless access key is created (or is it?) and the app is forced to identify the error with little to no information.

Expected Behavior
If a contractId is invalid, we should prevent the user from going through the /login/ step, and return an error to the app.

Steps to reproduce

  1. Go to corgis.nearprotocol.com
  2. Select "Login w/ Near"
  3. Edit the contractId argument in the url to contractId=notrealid and resubmit
  4. Complete login
  5. Try to generate a Corgi
@kcole16 kcole16 added the Bug Something is not working as it should label Nov 5, 2019
@kcole16 kcole16 mentioned this issue Jan 22, 2020
Closed
@kcole16 kcole16 added the Priority 1 Top Priority label Feb 24, 2020
@kcole16
Copy link
Contributor Author

kcole16 commented Feb 24, 2020

Acceptance Criteria

Login /login

  • If contractId does not exist, the user is displayed a warning message (see below) in a modal
  • Clicking "Return to App" in the modal redirects the user to the referring application

Warning Message

"The contract <contractId> does not exist. This may be an issue with the application you are trying to use, or this contract may have been deleted. You will be redirected back to the application"

@vgrichina
Copy link
Contributor

question from @marcinbodnar

how can we check if contract_id from param is valid?

It has same constraints as account Id + it also needs to be an existing account (i.e. we'd want to query near node for that account). Can be done similarly to user profile component I think (after Chad changed it to work with any account vs current account).

marcinbodnar added a commit that referenced this issue Feb 26, 2020
@marcinbodnar
Handle invalid contractId on /login/ request (#219)
e00d796
marcinbodnar added a commit that referenced this issue Mar 5, 2020
@marcinbodnar
Handle invalid contractId on /login/ request (#219)
3587e32
marcinbodnar added a commit that referenced this issue Mar 5, 2020
@marcinbodnar
Refactor handle invalid contractId on /login/ request (#219)
16c537c
marcinbodnar added a commit that referenced this issue Mar 5, 2020
@marcinbodnar
Code cleanup for Login component (#219)
2da126b
marcinbodnar added a commit that referenced this issue Mar 6, 2020
@marcinbodnar
Handle invalid contractId on /login/ request (#219)
908af6f
marcinbodnar added a commit that referenced this issue Mar 6, 2020
@marcinbodnar
Refactor handle invalid contractId on /login/ request (#219)
90eb2c8
marcinbodnar added a commit that referenced this issue Mar 6, 2020
@marcinbodnar
Code cleanup for Login component (#219)
f5a8515
@kcole16 kcole16 closed this as completed May 28, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcinbodnar marcinbodnar

Labels
Bug Something is not working as it should Priority 1 Top Priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vgrichina @kcole16 @marcinbodnar