Closed
Bug 727546
Opened 12 years ago
Closed 12 years ago
[Marketplace] Developer Log In / Registration
Categories
(addons.mozilla.org Graveyard :: Developer Pages, defect, P1)
addons.mozilla.org Graveyard
Developer Pages
Tracking
(Not tracked)
RESOLVED
FIXED
6.4.3
People
(Reporter: cvan, Assigned: ashort)
References
Details
Log In / Registration will be handled through BrowserID. We may want to either password protect all Developer Hub pages for the developer beta - or we can just keep the /developers/ and docs pages public (like they currently are for AMO) and keep the submission, etc. pages behind authentication. (Since the pages/flow aren't finalized, I'd rather just get everything behind authentication and not worry about those pages getting indexed by Google, etc.) We also get into issue of whether we want to force users to choose a display name and username after registration (see bug 704634 for the implementation of this for apps-preview). Thoughts?
|
Reporter | |
Comment 1•12 years ago
|
||
Also, how do we instruct people who currently already have AMO accounts that they can/must use BrowserID now?
|
||
Comment 2•12 years ago
|
||
The possible user types/flows here are : a) No browserID; No AMO account b) No browserID; Has AMO account c) Has browserID; No AMO account d) Has BrowserID; Has AMO account We also need to consider people who are e) retrieving their login credentials I do not know if this is a concern- f) users with active AMO session cookies who are logging in with different credentials via browserID
|
||
Comment 3•12 years ago
|
||
The following is a proposal but I think it makes sense. Comments? a) No browserID; No AMO account - Visiting marketplace: create browserid account, log in. No problems. - Visiting AMO: create AMO account, log in. No problems. b) No browserID; Has AMO account - Visiting marketplace: We let them log in as usual (assuming not editor/admin). Email has been verified by both parties so this is secure. We preserve their AMO password hash for now, so they can log in to AMO if necessary. No problems. - Visiting AMO: Log in. No problems. c) Has browserID; No AMO account - Visiting marketplace: Log in. No problems - Visiting AMO: Will have to go through the normal AMO flow. This is the most time consuming piece in the proposal I think. An alternative would be to enable browserid for these folks on AMO, again, still the most time consuming. d) Has BrowserID; Has AMO account - Visiting marketplace: Log in, similar to (b). No problems. - Visiting AMO: Log in with AMO auth. No problems. We also need to consider people who are e) retrieving their login credentials - Visiting marketplace: They'll use browserid (I think we need to modify a link here). No problems. - Visiting AMO: They reset as usual, No problems. f) users with active AMO session cookies who are logging in with different credentials via browserID - Different credentials are fine, but at no point is there a session from one user on both sites. Logging in to one will terminate the other. There may be some confusion based on using different credentials (eg. changed browserid password but that didn't change my AMO password). Thoughts?
|
|
Reporter | |
Comment 4•12 years ago
|
||
Per fligtar, we can remove the display name/username prompt after registration. (Make sure mobile login/registration isn't broken.)
|
|
||
Comment 5•12 years ago
|
||
- we can reuse what we have from apps preview. the copy needs to change.
- we need to get rid of the post-registration modal that prompts you for username/display name.
- this needs to not be have the consumer-page styles. that means no navigation, no search bar, etc.|
|
||
Updated•12 years ago
|
Assignee: cvan → ashort
|
||
Comment 6•12 years ago
|
||
https://github.com/mozilla/zamboni/commit/8ef230e We should create a mkt-specific @login_required decorator that refers to the new login view.
|
|
Reporter | |
Comment 7•12 years ago
|
||
https://github.com/mozilla/zamboni/commit/3f79849
Assignee: ashort → cvan
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: 6.4.2 → 6.4.3
|
Assignee | |
Updated•12 years ago
|
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Updated•12 years ago
|
Assignee: cvan → ashort
|
|
Assignee | |
Comment 8•12 years ago
|
||
This still needs to handle the case where users sign up for AMO after browserID login on mkt. Currently it'll reject them from login as well as registration.
|
|
Assignee | |
Comment 9•12 years ago
|
||
https://github.com/mozilla/zamboni/commit/e1d7b51
Status: REOPENED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 10•12 years ago
|
||
Reverted. https://github.com/mozilla/zamboni/commit/5a6d45776c6aeeff136859e53a79454fbb858d5a
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
||
Comment 11•12 years ago
|
||
I think everything left on this is covered in ashort's bug 729806 so closing
Status: REOPENED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → FIXED
|
||
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•