Closed Bug 1374307 Opened 7 years ago Closed 7 years ago

Auth0 auth loop when trying to add secondary email via Mozillians.org

Categories

(Participation Infrastructure :: Phonebook, enhancement)

Product:
Participation Infrastructure
Component:
Phonebook
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: claudijd, Assigned: viorela)

Details

During a security test of Mozillians.org, I noticed what appears to be a non-security related bug that prevents users from adding a secondary email address to their mozillians.org profile.

Reproduction Steps:

1.) Go to profile
2.) Attempt add another email using the "Add email" button
3.) Get prompted for auth0 login
4.) Auth against auth0 login
5.) Get redirected back to the profile page
6.) Go back to #2 and repeat (infinite loop)
Viorela, can you please test this scenario?
Assignee: nobody → viorelaioia
Flags: needinfo?(viorelaioia)
(In reply to comment #0 and comment #1)

It is not actually an infinite loop and secondary email can actually be added. 

Follow these steps:

1.) Go to profile
2.) Attempt add another email using the "Add email" button
3.) Get prompted for auth0 login
4.) Enter your email address that you want to add as secondary email address(e.g abc@xyz.com)
5.) Confirm sign in from the email sent to your desired secondary email address (e.g abc@xyz.com)

You should now be redirected to your profile edit page and your new secondary email address should be added there.


So, as you can see, the problem is not actually an infinite loop rather the problem is that when trying to add secondary email address, it is showing the default login page with no indication whatsoever that user should input their new email address not the existing one. 

My suggestion:

1. There should be some kind of message that asks user to input their new email address.
2. If the existing email address is given, it should show an error message as existing email address can not be added again as secondary address.
Flags: needinfo?(viorelaioia)
See also Bug 1328084
Commits pushed to master at https://github.com/mozilla/mozillians

https://github.com/mozilla/mozillians/commit/170b2cc78797cb8507d756ceae3af99fcef61c7a
[Fix bug 1374307] Add help text on secondary emails

https://github.com/mozilla/mozillians/commit/c0c276345465394c82f6b9b19f44de7f27dd768a
Merge pull request #1786 from comzeradd/1374307

[Fix bug 1374307] Add help text on secondary emails
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.