-
Notifications
You must be signed in to change notification settings - Fork 308
Ability to link an email address to an existing account. #1287
Conversation
TODO: Actually store the email address and send email with confirmation link
…into email Conflicts: gittip/models/participant.py www/assets/%version/gittip/profile.js
@@ -32,7 +32,6 @@ | |||
".,-_:@ ") | |||
NANSWERS_THRESHOLD = 0 # configured in wireup.py | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's leave this line in. :-)
If I'm not mistaken we need to add a verification workflow, yes? We talked about mocking out Mandrill for testing. Should we go ahead and start using a queue for emails? That introduces another dependency. |
Mandrill Python docs: https://mandrillapp.com/api/docs/index.python.html |
I don't think we need a queue for emails because Mandrill basically is that for us. We need to write tests for the parts that call out to Mandrill, and for the parts the receive the link-back from Mandrill for verification. |
Let's get this DONE. You still on this @wyze or should I take over? |
@whit537 mind if I work on this? |
Why aren't we just using Mozilla's Persona here; this is exactly what
|
I bet if we took on Persona in this case as simply the way the site is #756 was about authenticating using Persona; for this case though, we can On Sun, Nov 10, 2013 at 9:16 PM, Sean Linsley [email protected]:
|
👍 for Persona, I bet is is less work than implementing the verification of the email by hand. |
@seanlinsley Not weird. Our current API may feel a bit weird (it really wants to manage session state), but an effectively stateless API is coming in the next month, which will fit super cleanly into this use case. |
Awesome, thanks for the verification @callahad. We're currently focused on infrastructure improvements and are trying not to make user-facing changes, so the new API might be in place before we get around to this :) |
@callahad Has the stateless API happened? We'd like to clean up our PR queue this week. |
It seems to me that this is it: https://developer.mozilla.org/en-US/Persona/Remote_Verification_API?redirectlocale=en-US&redirectslug=Persona%2FRemote_Verification_API
It should be really easy to integrate. |
In combination with https://developer.mozilla.org/en-US/Persona/The_navigator.id_API#The_Callback_API we can be set. I guess we just call https://developer.mozilla.org/en-US/docs/Web/API/navigator.id.get and verify the result like the above and be done with it (?). |
@zwn Unfortunately, our internal commitments to other teams prevented us from getting this into production -- we didn't want to push a release that hadn't been fully QA'd, nor release too close to holiday vacations. At this point, I believe the final API is 4-6 weeks from production. I'd suggest using the "Observer API" ( @zwn, are you doing the implementation, or someone else? I'd love to chat and put together some short notes to make it easier to avoid some of the weird corner cases when you don't want Persona's default statefulness. |
@callahad I am not the one doing the implementation. I am just trying to figure out if we have all the pieces together and prioritize (we are at @whit537 house continuing the gittip retreat). @duckinator is going to be coordinating our efforts around streamlining the sign up flow. I do most of my work on the backend. You do not recommend the "Callback API"? It is supposed to be stateless and it seems it would fit our code base better. Going forward we would like to support both - just attaching email address using persona but not using it for sign in or going fully in. We would like to have this support for all our attached services/accounts, giving the user the option to pick the one they trust the most for sign in. |
The "Callback API" ( How about this: When you guys are sitting down to hack on this (or if you want to talk through a pull request), ping me here or on IRC ("callahad" on freenode and irc.mozilla.org) and I'll help review / brainstorm / etc. |
We're now planning to use Persona as authentication. I'm assuming we're going to use it for email verification, as well. If that assumption is correct, then what is the status of this pull request? Is it still useful? |
There seems to be a bit of code in this PR that we can copy, at least 🐱 |
Yea. I have a suspicion that some of the code may be useful. But I don't know how exactly we plan to handle using Persona for email verification (will that even be separate from setting it up for authentication?), so I don't know what parts. |
Thank you @wyze . We merged this in by making a new PR without the old git cruft and it should be live in a couple of hours. Thanks for getting the ball rolling :D |
Addresses #89.