STR: Requires two persona accounts A and B * Signout of marketplace * Login to marketplace with user A * Start a payment with user A * Cancel the payment flow * Logout of marketplace * Login to marketplace with user B * Start the reset-pin flow * Get to persona What happens: * Note the email address populated is user A not B. What should happen: * The email address should be blank rather than incorrect. In webpay we cleared what was sent to persona for this case. Ideally we should be updating the Single-Page apps understanding of the user so we can send the correct hints. Afaict we don't expose the email from the verification to the SPA which would be needed. As a quick fix we should not send the stale loggedInUser data for resets and we should also ensure that when onlogout fires the loggedInUser attr is cleared and utils.bodyData.loggedInUser is updated too. Longer term we should expose the email data from verifications so that the SPA's state can be updated to correct. Once that happens we can then pass the correct hints and update the utils.bodyData.loggedInUser whenever it changes.
Assignee: nobody → scolville
Status: NEW → ASSIGNED
This clears logged_in_user when logged out: https://github.com/mozilla/spartacus/commit/0ed62da01ea1a559cb005739d584b920d9c6cc98
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.