Bug 623982: Notifications: Implement email confirmation of anonymous watches
Status: Closed (VERIFIED FIXED)
Opened 14 years ago; closed 13 years ago
Categories: support.mozilla.org :: General, defect, P1
Tracking: Not tracked
2.5
People: Reporter: erik; Assigned: paulc

Description
Consider the workflow of the current system. A strawman: stick a random secret on anonymous watches, send a confirmation mail (with a link containing watch ID and secret) automatically upon the creation of an anonymous watch, and write a view that activates the watch and clears the secret when a correct confirmation is received. Make the system ignore watches with non-blank secrets.
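The strawman above, worked through as an added example in plain Python (this is not Kitsune code and not the patch that eventually landed; the Watch fields, the in-memory WatchStore, the secret length and the URL layout are assumptions made for the example). It covers the four pieces the description names: a random secret stored on the anonymous watch, a confirmation link carrying watch ID and secret, a view that activates the watch by clearing the secret, and a recipient query that ignores watches whose secret is still non-blank.

```python
"""Added example, not Kitsune code: the anonymous-watch confirmation strawman.

Hypothetical pieces: the Watch fields, WatchStore, SECRET_LENGTH and the
confirmation URL layout.  The logic follows the bug description literally:
a watch is confirmed exactly when its secret is blank.
"""
import hmac
import secrets
import string
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple
from urllib.parse import urlencode

# Same alphabet as comment 1 (letters + digits), drawn with a CSPRNG.
# random.choice is not suitable for a token that gates an action.
SECRET_ALPHABET = string.ascii_letters + string.digits
SECRET_LENGTH = 20  # assumption: 20 symbols over 62 is ~119 bits of entropy


def new_secret(length: int = SECRET_LENGTH) -> str:
    """Random confirmation secret; secrets.choice is the CSPRNG counterpart of random.choice."""
    return "".join(secrets.choice(SECRET_ALPHABET) for _ in range(length))


@dataclass
class Watch:
    id: int
    email: str
    content_type: str  # hypothetical, e.g. "question"
    object_id: int
    secret: str = ""   # non-blank while unconfirmed; cleared on confirmation

    @property
    def confirmed(self) -> bool:
        return self.secret == ""


class WatchStore:
    """In-memory stand-in for the Watch table (hypothetical)."""

    def __init__(self, base_url: str = "https://support.example/watches") -> None:
        self._watches: Dict[int, Watch] = {}
        self._next_id = 1
        self._base_url = base_url

    def create_anonymous(self, email: str, content_type: str, object_id: int) -> Tuple[Watch, str]:
        """Store an unconfirmed watch and return it with the link to mail out."""
        watch = Watch(self._next_id, email, content_type, object_id, secret=new_secret())
        self._watches[watch.id] = watch
        self._next_id += 1
        link = f"{self._base_url}/{watch.id}/confirm/?" + urlencode({"s": watch.secret})
        return watch, link

    def confirm(self, watch_id: int, presented: str) -> bool:
        """The confirmation view: activate the watch iff the presented secret matches."""
        watch = self._watches.get(watch_id)
        if watch is None or watch.confirmed:
            # Unknown id, or already confirmed.  Refuse before comparing so a
            # blank stored secret can never match a blank ?s= parameter.
            return False
        # Constant-time comparison; encode so non-ASCII input cannot raise.
        if not hmac.compare_digest(watch.secret.encode(), presented.encode()):
            return False
        watch.secret = ""  # one-shot: the mailed link is useless from here on
        return True

    def recipients(self, content_type: str, object_id: int) -> List[str]:
        """Addresses to notify for one object; watches with a non-blank secret are ignored."""
        return sorted({
            w.email for w in self._watches.values()
            if w.confirmed and w.content_type == content_type and w.object_id == object_id
        })


if __name__ == "__main__":
    store = WatchStore()
    watch, link = store.create_anonymous("alice@example.com", "question", 42)
    print("mail this link:", link)
    print("recipients before confirm:", store.recipients("question", 42))
    print("confirmed:", store.confirm(watch.id, link.rsplit("s=", 1)[1]))
    print("recipients after confirm:", store.recipients("question", 42))
```

Two design points worth keeping if this were implemented for real: the comparison uses hmac.compare_digest rather than ==, so response timing does not leak how many leading characters of a guessed secret were right, and the confirmed-watch check runs before the comparison, because once the secret has been cleared a request with an empty ?s= would otherwise compare equal to the empty stored value.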
Comment 1 (Reporter), 14 years ago
Something like random.choice(string.letters + string.digits) (with less concatenation) might come in handy.
Comment 2 (Reporter), 13 years ago
WatchFilter.secret is the secret field. Go crazy.
Comment 3 (Reporter), 13 years ago
And when I say "WatchFilter", I of course mean "Watch". :-)
Updated (Reporter), 13 years ago
Summary: Implement email confirmation of anonymous watches → Notifications: Implement email confirmation of anonymous watches
Comment 4, 13 years ago
Only need to confirm an email address once: better or worse?
Comment 5 (Assignee), 13 years ago
(In reply to comment #4)
> Only need to confirm an email address once: better or worse?

For the user it would certainly be better, right? We'd check the notifications and auth_user tables for that email and whether it's already been confirmed. I'm not sure if it's worth having a separate table just for anonymous emails.
Comment 6 (Reporter), 13 years ago
Devil's advocate: if you confirm your email address, I can then go in anonymously and watch 10,000 things with your email.
Comment 7, 13 years ago
Alternate position: If I try to watch two questions I have to confirm twice? I have no strong opinion here, I just want to do what's best for users. Is comment 6 a more realistic concern than this? It's certainly possible but it seems like there'd be easier ways to troll someone.
Comment 8 (Assignee), 13 years ago
We could always switch from confirm-once to confirm-always if it becomes a problem, right?
I think #6 is an edge case so I'd favor confirm once. Although, having the confirm-always case be just a push away seems like not-a-bad-thing in case we do get abuse. Plus a user can always unsubscribe from all emails, right? More pertinent question: what if someone is setting up an anon watch with an email address that belongs to a registered user?
Comment 10 (Reporter), 13 years ago
An anon setting up a watch with an email of a registered user is a pretty important use case for me: I often end up on some computer or browser that doesn't know my passwords, and I shouldn't be barred from subscribing to something.
Comment 11, 13 years ago
Sure, but should we treat it like every other anon, or should we add it to the list of subscribed watches in the user's profile (essentially treating it like the user was logged in)?
Comment 12 (Assignee), 13 years ago
OK. Step 1: confirmation scenarios:
1. Anonymous user, we have no record of that email.
2. Anonymous user, email is registered.
3. Logged-in user.

Confirmation behavior per scenario (suggested):
1. Confirm once. Anonymous emails are not shown anywhere, are they? So it should be ok to confirm them just once.
2. Always confirm. Users may publicly display their email; I could see this being a frequent problem.
3. Never confirm, if active. Reminder to confirm account, if inactive.

Objections?
Assignee: nobody → paulc
Comment 13, 13 years ago
If there's a view to see all the things you're subscribed to (which is probably a good idea for future), we should make sure that things set up via (2) still show up even if you're logged out when you set them.
Comment 14 (Assignee), 13 years ago
(In reply to comment #13)
> If there's a view to see all the things you're subscribed to (which is probably
> a good idea for future), we should make sure that things set up via (2) still
> show up even if you're logged out when you set them.

For (2), subscribing would check if that email is already registered (without informing the anonymous user whether that is the case), and attach the watch to the registered user. So yes, as you say.
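The three scenarios from comment 12, plus the attach-to-registered-user rule from comment 14, as one policy function. This is an added example, not Kitsune's code: the User and Decision types, the Action names and the confirm_once switch are assumptions. The default (confirm_once=False) matches what eventually shipped, where anonymous requests always confirm; flipping it gives the confirm-once variant debated in comments 4 to 8. The point the code makes explicit is that every anonymous outcome returns the same message, so the response never reveals whether the address belongs to a registered user.

```python
"""Added example, not Kitsune code: who has to confirm a watch, and why.

Hypothetical pieces: User, Decision, Action, the registry/confirmed-email
inputs and the confirm_once switch.  The decision rules are comment 12's
three scenarios with comment 14's attach-to-owner behaviour.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Set


class Action(Enum):
    CONFIRM_WATCH = "confirm_watch"    # mail a confirmation; watch is inert until confirmed
    ACTIVATE = "activate"              # no confirmation needed
    REMIND_ACCOUNT = "remind_account"  # registered but inactive account: nudge to confirm it


@dataclass(frozen=True)
class User:
    id: int
    email: str
    is_active: bool


@dataclass(frozen=True)
class Decision:
    action: Action
    owner_id: Optional[int]  # registered user the watch is attached to, if any
    message: str             # text shown back to the requester


# One message for every anonymous outcome, so the response does not disclose
# whether the address is registered (comment 14).
ANON_MESSAGE = "Thanks. If this address needs confirmation, you will receive an email shortly."


def decide(email: str,
           current_user: Optional[User],
           registry: Dict[str, User],
           confirmed_anon_emails: Set[str],
           confirm_once: bool = False) -> Decision:
    """Pick the confirmation behaviour for one watch request.

    registry maps lower-cased email -> registered User.
    confirmed_anon_emails holds lower-cased addresses that confirmed an
    anonymous watch before; only consulted when confirm_once is True.
    """
    # Scenario 3: logged-in user.
    if current_user is not None:
        if current_user.is_active:
            return Decision(Action.ACTIVATE, current_user.id, "You are now watching this.")
        return Decision(Action.REMIND_ACCOUNT, current_user.id,
                        "Please confirm your account before subscribing.")

    key = email.strip().lower()  # normalise so Alice@ and alice@ are one address
    owner = registry.get(key)

    # Scenario 2: anonymous request, address belongs to a registered user.
    # Always confirm, and attach the watch to that user so it shows up in
    # their profile later (comment 13/14).  Same message as scenario 1.
    if owner is not None:
        return Decision(Action.CONFIRM_WATCH, owner.id, ANON_MESSAGE)

    # Scenario 1: anonymous request, address unknown to us.
    if confirm_once and key in confirmed_anon_emails:
        return Decision(Action.ACTIVATE, None, ANON_MESSAGE)
    return Decision(Action.CONFIRM_WATCH, None, ANON_MESSAGE)


if __name__ == "__main__":
    # Constructed sample data for the demo.
    registry = {"bob@example.com": User(7, "bob@example.com", True)}
    confirmed = {"carol@example.com"}
    for addr in ("Bob@Example.com", "carol@example.com", "dave@example.com"):
        for once in (False, True):
            d = decide(addr, None, registry, confirmed, confirm_once=once)
            print(f"{addr:18} confirm_once={once!s:5} -> {d.action.value:14} owner={d.owner_id}")
```

Note that the message constant is the only thing the requester sees; the action (whether a mail goes out, and to whom the watch is attached) is observable only by whoever controls the inbox, which is exactly the party entitled to know.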
Comment 15 (Assignee), 13 years ago
Done. Anonymous users need to confirm each watch every single time.
https://github.com/pcraciunoiu/kitsune/commit/24a13e54fdc0efe7c786ecf1e7b6312132faadf2

There is also a message when the email-sending fails, but only for AJAX requests. Bug 629518 is left to polish that UX. Read the commit message for details, but basic testing involves watching as anonymous (entering an email) and then confirming that action. You should only receive emails for confirmed watches.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 16, 13 years ago
Verified anonymous users must always confirm, and registered users don't.
Status: RESOLVED → VERIFIED
Updated, 13 years ago
Flags: in-testsuite?