Closed Bug 1373233 Opened 7 years ago Closed 5 years ago

[Train 89]"Back" button from creating account process is misleading

Categories

(Cloud Services :: QA: General, defect)

Product:
Cloud Services
Component:
QA: General
Platform:
Unspecified
Windows 10
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox55 affected, firefox56 affected)

Status:
RESOLVED WONTFIX
Tracking Flags:
Tracking Status
firefox55 --- affected
firefox56 --- affected

People

(Reporter: sflorean, Unassigned)

Details

Environment: 
- Staging Train 89 - Win 10 (64) - Build 55.0b1;
- Prod - Nexus 6 (Android 7.0) - Build 56.0a1;


Steps to reproduce:

1. Launch Firefox and follow the account creation flow through each page of the Account Setup wizard. At age field type a number >13;
2. Tap on "Back" after the verification link is send and at age field type a number <13 (e.g. 2);
3. Tap on "Back" after the verification link is send and at age field type a number <13 (e.g. 4);

Expected:
After step 2 and 3 the user is not able to change the age and create again the same account. Maybe a message should be displayed.

Actual: 
After step 2 and 3 the user is able to create again the same account, but with age changed, and for the all steps 1, 2, 3 the verification mail/link is valid.


Note: 
- The account was not verified before performing steps 2 and 3.
Thanks Sorina!  ISTM that at step (2) this should trigger our age-checking logic and prevent you from creating the account.

Out of curiosity, what would you expect the behaviour to be if, in step (2), you entered a different age that was >13 rather than <13?
(In reply to Ryan Kelly [:rfkelly] from comment #1)
> Thanks Sorina!  ISTM that at step (2) this should trigger our age-checking
> logic and prevent you from creating the account.
> 
> Out of curiosity, what would you expect the behaviour to be if, in step (2),
> you entered a different age that was >13 rather than <13?

A message telling me that an account has already been created with the email address from step 1. For both cases >13 and <13.
(In reply to Ryan Kelly [:rfkelly] from comment #1)
> Thanks Sorina!  ISTM that at step (2) this should trigger our age-checking
> logic and prevent you from creating the account.

This is incorrect because of sign-in from sign-up. The account has already been created in step 1. Because of Sign-in from sign-up, an attempt to sign-in the user is *always* made, regardless of the user's age. Only if the account is not already created do we check the age. Since the account is already created, we ignore the age and attempt to sign-in the user.
Thanks for the STRs :sorina. I've done a bit of exploring, there is definitely some odd, but not totally unexpected behavior.

The oddness comes from sign-in from sign-up. For more info, see [1][2]. The strangest behavior I could find is:

1. Sign up with an age > 13, choose what to sync is displayed. Click "back".
2. Sign up with an age > 13, choose what to sync is displayed. Click "back".
3. Sign up with an age < 13, "Confirm your account" is displayed.

Again, this has to do with signin from signup. This is the interpretation of the behavior that was requested by Ryan Feeley in: "User enters too-young COPPA age, sign-in succeeds: User is signed in"

In step 3, since the account was already created, we attempt to sign in the user. We see they have an account that hasn't been verified and send them to the "Confirm your account" screen.


[1] - https://github.com/mozilla/fxa-content-server/issues/2778
[2] - https://github.com/mozilla/fxa-content-server/pull/3413
> 2. Sign up with an age > 13, choose what to sync is displayed. Click "back".

Does this happen because the account is unverified, so when we try to create it again, it gets deleted and re-created?

In any case, I think this feature continues to argue in favour us of doing an identifier-first login flow where you only enter the email up-front, and we take you to the right experience from there.  Let's take a good look at that as we do our Q3 planning.

Alex and/or Ryan, should we consider this "working as intended" given the signin-from-signup feature, or is there some tweak we can do to make the experience better here?
Flags: needinfo?(rfeeley)
Flags: needinfo?(adavis)
(In reply to Ryan Kelly [:rfkelly] from comment #5)
> > 2. Sign up with an age > 13, choose what to sync is displayed. Click "back".


> Alex and/or Ryan, should we consider this "working as intended" given the
> signin-from-signup feature, or is there some tweak we can do to make the
> experience better here?


I would argue strongly in favor of not fixing this and instead expend the
effort to do this:

> an identifier-first login flow where you only enter the email up-front, and we take you to the right experience from there.
(In reply to Shane Tomlinson [:stomlinson] from comment #6)
> I would argue strongly in favor of not fixing this and instead expend the
> effort to do this:

I will second that because there is work in Q3 that will likely eliminate this user flow.
Flags: needinfo?(adavis)

I'm going to go ahead and close this out given discussion above and the the amount of time that has passed.

Status: NEW → RESOLVED
Closed: 5 years ago
Flags: needinfo?(rfeeley)
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.