Closed
Bug 875295
Opened 12 years ago
Closed 11 years ago
Blank screen on [reset] login error
Categories
(Marketplace Graveyard :: Payments/Refunds, defect, P3)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 837201
People
(Reporter: muffinresearch, Unassigned)
References
Details
(Whiteboard: [ui-wanted])
Attachments
(1 file)
640.42 KB,
image/png
|
Details |
STR:
* Click forget pin
* Start reset flow
* login with different account
What happens:
* You get a blank screen with _resetLoginError: [reset] login error in the console
What should happen:
* Assuming this happens due to the differing accounts there should be message that explains what's going on + an option to retry.
Reporter | ||
Updated•12 years ago
|
Blocks: marketplace-payments
Updated•12 years ago
|
Priority: -- → P3
Comment 1•12 years ago
|
||
I'll grab some logs and see what's happening
Assignee: nobody → kumar.mcmillan
Updated•11 years ago
|
Flags: affects-tricycle+
Flags: affects-seville+
Flags: affects-seahorse+
Flags: affects-moss+
Flags: affects-durango+
Comment 2•11 years ago
|
||
Currently the code raises an explicit exception in this case https://github.com/mozilla/webpay/blob/master/webpay/auth/views.py#L61 I'm not totally sure what should happen here.
Comment 4•11 years ago
|
||
Bumping to 1.3 and taking this. I've worked in this area recently. I do need to ping UX to see what the desired outcome here is.
My thoughts:
User hits reset pin
logs in with different user at the force reauth prompt
We offer to let them try again, or if they hit cancel we log them out and take them out of the payment flow.
Assignee: kumar.mcmillan → wraithan
Flags: needinfo?(mhanratty)
Whiteboard: [ui-wanted]
Version: 1.5 → 1.3
Comment 5•11 years ago
|
||
When the user clicks "Forgot Pin" and we take them to sign into Persona (changing to Firefox Accounts) will they be considered a returning user and see this screen with their account name? I just want to get the full context of how a user would find themselves sign in as a different account in the flow.
Flags: needinfo?(mhanratty)
Comment 6•11 years ago
|
||
No, they don't see the screen with their name. We use Persona's ForceAuth feature which makes them type in their email and password regardless of saved ID settings.
Comment 7•11 years ago
|
||
Why are we using forceauth? Wouldn't it be better to reuse the last email wherever possible to lessen the chance of this edge case?
c
(In reply to Wraithan (Chris McDonald) [:wraithan] from comment #6)
> No, they don't see the screen with their name. We use Persona's ForceAuth
> feature which makes them type in their email and password regardless of
> saved ID settings.
Comment 8•11 years ago
|
||
(In reply to Crystal Beasley [:skinny, :crystal] from comment #7)
> Why are we using forceauth? Wouldn't it be better to reuse the last email
> wherever possible to lessen the chance of this edge case?
It's actually Persona that blanks out the email when we use forceAuthentication: true. Persona could chose to use the last email and I would be fine with that. All we want is to force the user to re-enter their *password*.
However, even after that we'll need to be prepared for this edge case.
Comment 9•11 years ago
|
||
Let's use the last email address and have the user enter their password as Crystal/Kumar suggested.
As for addressing this edge case, I'm not sure it really warrants it's own error messaging. Even the wording is super hard to come up with:
"You are logged in with a different account then the one you were using to reset your pin. Would you like to continue or sign back in with a different account?" (User can click "Continue" or "Sign Out"?)
It's really confusing. I'm ok with not showing a message and assuming the user logged in with an different identity on purpose.
Comment 10•11 years ago
|
||
(In reply to Maureen Hanratty from comment #9)
> Let's use the last email address and have the user enter their password as
> Crystal/Kumar suggested.
Sure. That would be a feature request for Persona.
> It's really confusing. I'm ok with not showing a message and assuming the
> user logged in with an different identity on purpose.
I like that! It is the easiest to implement.
Comment 11•11 years ago
|
||
Logged in as A
Click reset and type in B as username
If we just put them at the start of payment, the purchase still goes on A's account in the marketplace, but then when they get back to marketplace next they are logged in as B (silently) because of how persona works.
So, when we detect they are a different user we would need to log them out of persona and dump them back at marketplace, so they can log in and make the transaction as the intended user. Unless my understanding of webpay/marketplace/persona is incorrect.
Updated•11 years ago
|
Target Milestone: --- → 2013-10-01
Updated•11 years ago
|
Assignee: wraithan → nobody
Updated•11 years ago
|
Target Milestone: 2013-10-01 → ---
Reporter | ||
Comment 12•11 years ago
|
||
Can we clarify what's actually needing to be done for this bug? Do we need bugs for Persona as per comment 10?
Comment 13•11 years ago
|
||
Oh this is what I currently get on bug 837201 comment 6.
Updated•11 years ago
|
Version: 1.3 → 1.4
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•