Closed
Bug 888036
Opened 11 years ago
Closed 11 years ago
Cannot switch users while PIN is unlocked
Categories
(Marketplace Graveyard :: Payments/Refunds, defect, P2)
Tracking
(Not tracked)
VERIFIED
FIXED
2013-09-10
People
(Reporter: kumar, Assigned: wraithan)
Details
STR - open Marketplace dev - search :paid - purchase an app - log in with an email - create/confirm PIN - confirm mobile number via SMS (if necessary) - confirm the purchase, install the app - log out - log in as a second user with a different email and different persona account - search :paid, click to purchase another app within 3 minutes Actual: if you switch to the new user and initiate a purchase within 3 minutes, the PIN from the first user will be unlocked. You will immediately see a purchase confirmation screen (no PIN entry). You can then complete the purchase as the first user. Expected: you should be logged out of the payment flow entirely when you begin a purchase as the second user. You should be prompted to create/confirm a new PIN and you should start with a new Bango screen
Reporter | ||
Comment 1•11 years ago
|
||
To fix this, we would need to put an intermediate page in front of this redirect that allows Persona to log the user out (if necessary) https://github.com/mozilla/webpay/blob/master/webpay/pay/views.py#L118
Updated•11 years ago
|
Priority: -- → P2
Assignee | ||
Updated•11 years ago
|
Assignee: nobody → wraithan
Assignee | ||
Comment 2•11 years ago
|
||
Same as I just posted: https://bugzilla.mozilla.org/show_bug.cgi?id=887862#c3 This is a marketplace login/logout which are currently separate from webpay.
Updated•11 years ago
|
Version: 1.0 → 1.3
Reporter | ||
Comment 3•11 years ago
|
||
correction: pin unlock window is 5 minutes https://github.com/mozilla/webpay/blob/master/webpay/settings/base.py#L350
Assignee | ||
Updated•11 years ago
|
Target Milestone: --- → 2013-09-10
Assignee | ||
Comment 4•11 years ago
|
||
https://github.com/mozilla/webpay/commit/9170b4a6899572c5e17e025de0b5795cd0e8648b Had to clear last login and the new bounce code now covers this as well.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Comment 5•11 years ago
|
||
Verified as fixed. The new PIN is required after changing the users.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•