Support sign in and sign up with GH/GL/BB #4022
Conversation
There was a problem hiding this comment.
Looks good to me. I do worry about the edge cases that you mention, which is folks who disconnect their social account and then get locked out.
I guess that isn't any different than losing your password though, so being able to recover it is a good enough solution in that case.
|
|
||
| {% load i18n %} | ||
|
|
||
| {% block head_title %}{% trans "Signup" %}{% endblock %} |
There was a problem hiding this comment.
We are using "Signup" and "Sign up", I think we need to use only one.
There was a problem hiding this comment.
That's a good catch.
There was a problem hiding this comment.
Heh, it looks like this is present in allauth itself:
https://github.com/pennersr/django-allauth/blob/2894261/allauth/templates/account/signup.html#L5-L8
Nonetheless, I'll change it for us. I lean toward "sign up" being two words
|
|
||
| <div class="clearfix"> | ||
| <ul class="socialaccount_providers"> | ||
| {% include "socialaccount/snippets/provider_list.html" with process="login" next="" verbiage="Sign up with" %} |
There was a problem hiding this comment.
process="login" and verbiage="Sign up with"
Just in case, process shouldn't be signup or similar?
There was a problem hiding this comment.
login is correct, I believe. I tested the full workflow.
|
I just tested the email reset and it worked. 👍 |
|
I don't believe I got an verification email though, which might make things not work in the future. I wonder if there's a setting or something about email verification that we need to turn on? |
I'll see if there's an option. |
|
The setting is I'll make the settings match in dev and open a PR for the production settings. Edit: it looks like no changes should be necessary in prod. The default value is the same as |
|
👍 looks good to me. I imagine we might get some support requests around this for edge cases, but we can take those as they come. |
While this was technically supported if you knew the URLs, this adds formal support for logging in and signing up with our providers (currently GitHub, BitBucket, and GitLab).
How this works
Let's say your user account already is connected to GitHub because you actually use Read the Docs with your GitHub account. The "Sign in with GitHub" button will just work for you. You can still use your old username and password if you like.
If your GitHub account is not connected to anything and you click the "Sign in with GitHub", you will authenticate with GitHub, and then you will get a confirmation screen where you tie your GitHub account and email to a new Read the Docs username (see screenshot below). After confirming, you'll be logged in. The first and last name may be populated from the provider if available.
BitBucket works exactly the same as GitHub. I didn't actually test GitLab but I assume it does.
Note: There is no technical difference between the "Sign in with.." and "Sign up with.." buttons. If your social account is already connected to a user account, you will be logged in. If it isn't, you will be asked to confirm a new sign up.
Weird edge cases
An account already exists with this e-mail address. Please sign in to that account first, then connect your Bitbucket account.This is strange a little bit at first but I believe it is correct functionality. It also won't let you create a duplicate username but that seems standard.