Closed Bug 275137 Opened 20 years ago Closed 17 years ago

Email address changes are accepted without being verified

Categories

(addons.mozilla.org Graveyard :: Developer Pages, defect)

Product:
addons.mozilla.org Graveyard
Component:
Developer Pages
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: Bugzilla-alanjstrBugs, Assigned: wenzel)

References

Details

Unlike BMO, UMO does not make you verify that your new email address is valid
when you change it.
Assignee: psychoticwolf → psychoticwolf
Target Milestone: 1.0 → 1.1
Assignee: psychoticwolf → nobody
Severity: normal → major
Being a bug that involves usermanager (that I'm patching too), I'm taking on
this. Fundamentally I will disable the user profile and send a confirmation
unblocking code to the new email address (like we do upon registration) when he
edits it. Of course he should be warned *before* he commits the change... just
in case :-)
Assignee: nobody → g.maone
Status: NEW → ASSIGNED
I think we need a confirmation table that lists pending confirmations.  That way
we can expire them.  

UserID, ConfirmType, Value, ConfirmCode, timestamp
ConfirmType would be A for account creation, P for Password Reset, E for Email
Change

Can't login for A and E.  
(In reply to comment #2)
> I think we need a confirmation table that lists pending confirmations.  That way
> we can expire them.  
> 
> UserID, ConfirmType, Value, ConfirmCode, timestamp
> ConfirmType would be A for account creation, P for Password Reset, E for Email
> Change
> 
> Can't login for A and E.  

What if we simply change confirm code format on the userprofiles table?

{date[yymmddhhMM]}{type[A|E|P]}{random-hex-value}

for instance

0401220830A80ffc6324b

This way we spare another join, and we can still expire/discriminate.

We could do that.  I was trying to avoid having this extra data hang around.
Here's what we currently do with Bugzilla:

We have a tokens table, which uses a randomly-generated 8-character token as the
primary key (not autoincrement, we generate it).  In this table we store their
old email address, the new email address, the date it was issued, and a token
type code.

Two tokens are issued for an email address change.  One gets a token type that
indicates it's for the old address, and one gets a token type that indicates its
for the new address.  Otherwise the rest of the data on the two tokens is the same.

One token is mailed embedded in URLs to each of the new and old addresses.  The
old address gets one saying "click here to cancel this change".  The new address
gets both "click here to cancel" and "click here to confirm".  I *wanted* to
have Bugzilla require the old user to either confirm or let their token expire
before the change could take effect, but the people writing the patch were lazy
and I was too busy to do any better myself at the time ;)
We should also record the IP 
(In reply to comment #6)
> We should also record the IP 

see bug 280318
Target Milestone: 1.1 → 2.0
*** Bug 329095 has been marked as a duplicate of this bug. ***
Throwing this back into the queue (feel free to reclaim it if you're active on it, mao, just trying to tidy things a bit).  It'd be good to fix, but I don't think it's a major issue presently.
Assignee: g.maone → nobody
Severity: major → normal
Status: ASSIGNED → NEW
QA Contact: mozilla.update → developers
Target Milestone: 2.0 → 2.1
Fred: do we do this in Remora yet?
Assignee: nobody → fwenzel
Flags: blocking-remora-launch+
Target Milestone: 2.1 → 3.0
Depends on: 378395
Resolved - please reopen if found not to be true.
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.