Pick up on the AMO session so we don't have people log in separately

RESOLVED WONTFIX

Status

addons.mozilla.org Graveyard
Add-on Builder
P1
normal
RESOLVED WONTFIX
7 years ago
3 years ago

People

(Reporter: clouserw, Assigned: zalun)

Tracking

unspecified
Builder 1.0

Details

(Reporter)

Description

7 years ago
AMO changed their session handling so the cookie would cross over to BAMO.  We should pick up on that.  This bug covers:

- Deleting (or renaming if there is a reason to keep them) existing BAMO session cookies to avoid conflicts)
- Pick up on session ID in existing AMO cookies
- Replacing remote log in code to authenticate against AMO database with code that sends the sessionid instead of user/pass

This bug does not cover:
- Logging in via AMO won't redirect back to BAMO. (Bug 625968)
(Reporter)

Updated

7 years ago
Priority: -- → P3
(Assignee)

Updated

7 years ago
Assignee: nobody → zaloon
(Reporter)

Updated

7 years ago
Target Milestone: Q1 2011 → Q2 2011
I'm still having to log in to BAMO separately from my AMO login.

I'm assuming that this is still wanted, could we get an update on any work being done for this?
(Reporter)

Comment 2

7 years ago
The session is shared by AMO now (in the cookie) but builder hasn't picked up on it yet.  This may be obsoleted/altered by browserid now.
I believe we should do this in advance of browserid, I will let AMO implement that first and we can update BAMO downstream.
Target Milestone: Q2 2011 → Builder 0.9.10

Comment 4

7 years ago
Another point of interest is that I can log in to AMO, but then encounter the login page for BAMO as others did above.  The trouble is that this login page does not recognize my details, and I cannot get a new account (link "...get one..."), because it says I am already logged in.  I have also tried getting to this login page without having logged in, and with a new-profile (so no old cookies).  Same result.

In other words, builder is blocked to me.
Let's get the auth issues solved and pick-up whatever we need in Builder to support correct, fluidly shared sessions between the two asap. Piotr, can we get this in for a Weds push this week? If not, what are the issues blocking us from doing so?
Priority: P3 → P1
(Assignee)

Comment 6

7 years ago
sessionId on test servers is not shared between AMO and BAMO.

FB says: sessionid 31ad90d0d618f07041c1 .addons.allizom.org

Updated

7 years ago
Target Milestone: Builder 0.9.10 → Builder 0.9.11
(Assignee)

Comment 7

7 years ago
I think we should wait for browserId as authentication read from AMO cookie would involve a database check from AMO on every request.

Updated

7 years ago
Target Milestone: Builder 0.9.11 → Builder 1.0
(Assignee)

Comment 8

6 years ago
We will implement browserID
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.