Closed Bug 727546 Opened 13 years ago Closed 13 years ago

[Marketplace] Developer Log In / Registration

Categories

(addons.mozilla.org Graveyard :: Developer Pages, defect, P1)

Product:
addons.mozilla.org Graveyard
Component:
Developer Pages
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: cvan, Assigned: ashort)

References

Details

Log In / Registration will be handled through BrowserID. We may want to either password protect all Developer Hub pages for the developer beta - or we can just keep the /developers/ and docs pages public (like they currently are for AMO) and keep the submission, etc. pages behind authentication. (Since the pages/flow aren't finalized, I'd rather just get everything behind authentication and not worry about those pages getting indexed by Google, etc.) We also get into issue of whether we want to force users to choose a display name and username after registration (see bug 704634 for the implementation of this for apps-preview). Thoughts?
Also, how do we instruct people who currently already have AMO accounts that they can/must use BrowserID now?
The possible user types/flows here are : a) No browserID; No AMO account b) No browserID; Has AMO account c) Has browserID; No AMO account d) Has BrowserID; Has AMO account We also need to consider people who are e) retrieving their login credentials I do not know if this is a concern- f) users with active AMO session cookies who are logging in with different credentials via browserID
The following is a proposal but I think it makes sense. Comments? a) No browserID; No AMO account - Visiting marketplace: create browserid account, log in. No problems. - Visiting AMO: create AMO account, log in. No problems. b) No browserID; Has AMO account - Visiting marketplace: We let them log in as usual (assuming not editor/admin). Email has been verified by both parties so this is secure. We preserve their AMO password hash for now, so they can log in to AMO if necessary. No problems. - Visiting AMO: Log in. No problems. c) Has browserID; No AMO account - Visiting marketplace: Log in. No problems - Visiting AMO: Will have to go through the normal AMO flow. This is the most time consuming piece in the proposal I think. An alternative would be to enable browserid for these folks on AMO, again, still the most time consuming. d) Has BrowserID; Has AMO account - Visiting marketplace: Log in, similar to (b). No problems. - Visiting AMO: Log in with AMO auth. No problems. We also need to consider people who are e) retrieving their login credentials - Visiting marketplace: They'll use browserid (I think we need to modify a link here). No problems. - Visiting AMO: They reset as usual, No problems. f) users with active AMO session cookies who are logging in with different credentials via browserID - Different credentials are fine, but at no point is there a session from one user on both sites. Logging in to one will terminate the other. There may be some confusion based on using different credentials (eg. changed browserid password but that didn't change my AMO password). Thoughts?
Blocks: 710074
Per fligtar, we can remove the display name/username prompt after registration. (Make sure mobile login/registration isn't broken.)
- we can reuse what we have from apps preview. the copy needs to change. - we need to get rid of the post-registration modal that prompts you for username/display name. - this needs to not be have the consumer-page styles. that means no navigation, no search bar, etc.
Assignee: cvan → ashort
https://github.com/mozilla/zamboni/commit/8ef230e We should create a mkt-specific @login_required decorator that refers to the new login view.
https://github.com/mozilla/zamboni/commit/3f79849
Assignee: ashort → cvan
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: 6.4.2 → 6.4.3
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee: cvan → ashort
This still needs to handle the case where users sign up for AMO after browserID login on mkt. Currently it'll reject them from login as well as registration.
https://github.com/mozilla/zamboni/commit/e1d7b51
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Reverted. https://github.com/mozilla/zamboni/commit/5a6d45776c6aeeff136859e53a79454fbb858d5a
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
I think everything left on this is covered in ashort's bug 729806 so closing
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.