Show QR code with new app password and other settings to allow easier client setup #429
Comments
ChristophWurst
added
enhancement
1. to develop
|
Sounds good to me 👍 One thing though. In the Android ecosystem we should not ship a QR code scanner but integrate with a QR code scanner (which does have the downside of the scanner having to be installed on the device already...). (EDIT: I removed "to develop" since it should first go to "approved") |
AndyScherzinger
removed
the
1. to develop
|
As said by @AndyScherzinger already, the giant downside of this is that a QR code scanner is needed. Building one in the app is probably a ton of work, and integrating with an existing one seems a bit pointless since … well, let’s face it, no one really uses QR code readers. ;) (That is, a tiny technical minority.) Just putting in the server address on the mobile and then doing something with OAuth or such would be a much better time investment and valuable for everyone I’d say. cc @LukasReschke @karlitschek |
|
Android (and in a slightly similar but not exact same way) has the capability for our app to react to certain URLs. So we could implement the server side generation of emails with hyperlinks including this URL send to the potential users, which could then just click on the link, choose Nextcloud as the app to open the url, login screen appears with pre-filled server address. Would this be something worth implementing? |
|
Not sure since this is kind of a strange flow:
It seems actually more cumbersome than just the flow now:
|
|
I've seen the QR code-configuration in the bittorrent sync-client (owncloud/core#12071). It is really nice to use. Entering long addresses, usernames and passwords is not very handy on mobile devices (however it is only done once). |
|
@jancborchardt it is slightly different ;)
We can also define a fallback URL wihtin the URL, so we will route the user to the play store :D - for details please see: https://developer.chrome.com/multidevice/android/intents#example This makes total sense imho for the scenario where an admin would setup a Nc instance and then send out an e-mail to all potential users and it also makes sense for mailings whenever in an enterprise scenario a new employee joins the company, gets and email to his cellphone and everything works from there 💃 |
|
Why not doing both? |
|
The QR code thing is rather easy I guess (calling an Intent for results with a pre check if the intent is present) |
I doubt so, in some motorala phones a QR scanner is already built into the camera and some of my friends use it to distribute their wlan... |
This is not true in some cases as that won't work with the new app passwords if 2fa is enabled for a user. There is no way around using an app password in that case and you'd have to either generate/copy the app password from your mobile phone's browser or create the password on your PC and type the password into your phone.
Right, ideally apps should not ship a QR code scanner. However, apps like Signal or the OTP Authenticator have a reader built-in and I like that a lot, UX-wise. Actually, I was inspired by the easy setup of the Signal desktop client – you scan a QR code with your phone and everything else is set up for you automatically. I thought we could do something similar. |
|
I think a QR code would be fine. I mean we also have a QR code if people enable the TOTP app. Basically you will have 2 types of users (of course very much oversimplified but still).
This app passwords is for the second group. Of course users could become part of the second group by force of the admin. But that is not a problem we can solve. Same as if the admin requires passwords to be 32 chars long. Now if I'm part of the second group I want my stuff to be as secure as possible. Which means long app passwords! Which is a problem if I'm typing it. But absolutly fine if I can use a QR scanner. |
|
Using QR for setup is some state of the art. Compare with FritzBox WLAN setup or Signal desktop client sync, and it increases usability dramatically :) |
|
Since the Signal example was brought up: They ship their own QR code reader. I think qr codes aren't necessarily bad, but requiring someone to install a separate app to do that is cumbersome. Especially if you don't expect to be needing it. Hence - if we use QR codes in one of our main flows, we should properly integrate it by shipping the app with a QR code reader in it. Or not do it at all. |
Yeah, let's ship a reader 👍 |
|
For the sake of completeness here is the link to the Android PR: nextcloud/android#3383 @tobiasKaminsky Your PR implements this feature, doesn't it? (the android side of it) |
|
@David-Development, yes 👍 |
|
App passwords are needed for other apps on mobiles as well (like for example DavX/Davdroid, News apps, SMS app, bookmarks apps), so installing a QR code reader app shouldn't be a big deal. These apps probably won't integrate well with other solutions. Copying the QR code from one app to another is probably the easiest way to handle this. A 3rd-party app called Phonetrack implemented this using a JQuery QR code library already and it works extremely well: https://gitlab.com/eneiluj/phonetrack-oc/commit/37582661bb30294eb18b2c5204f2eefd5e8059c2 |
|
Let's move it to 17. |
|
PR is at #14450 |
|
Who can gave me a test ambient for this ? (I have my personal provider session down) |
|
^ does that work for you? |
|
Hey, I just discover this issue and thought that I will be better if we can directly generate a QR code by clicking the profile icon > Connect a new device, rather than go in the setting, security, then new device |
Mind to open a new ticket about this UX topic? |
Sure |
Steps to reproduce
Expected behaviour
Configuring a client should be as easy as possible. I'm super lazy and I don't want to type the server URL, username and password.
Actual behaviour
You have to type the URL, user and password and make typos.
Nextcloud version:
master
In the future, mobile clients could then integrate a QR code reader and make the device setup super easy.
cc @jancborchardt @MorrisJobke @LukasReschke @AndyScherzinger
The text was updated successfully, but these errors were encountered: