phorge-phorge

mirror of https://we.phorge.it/source/phorge.git synced 2024-09-21 09:48:47 +02:00

History

epriestley 7797443428 Support invites in the registration and login flow Summary: Ref T7152. This substantially completes the upstream login flow. Basically, we just cookie you and push you through normal registration, with slight changes: - All providers allow registration if you have an invite. - Most providers get minor text changes to say "Register" instead of "Login" or "Login or Register". - The Username/Password provider changes to just a "choose a username" form. - We show the user that they're accepting an invite, and who invited them. Then on actual registration: - Accepting an invite auto-verifies the address. - Accepting an invite auto-approves the account. - Your email is set to the invite email and locked. - Invites get to reassign nonprimary, unverified addresses from other accounts. But 98% of the code is the same. Test Plan: - Accepted an invite. - Verified a new address on an existing account via invite. - Followed a bad invite link. - Tried to accept a verified invite. - Reassigned an email by accepting an unverified, nonprimary invite on a new account. - Verified that reassigns appear in the activity log. {F291493} {F291494} {F291495} {F291496} {F291497} {F291498} {F291499} Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T7152 Differential Revision: https://secure.phabricator.com/D11737	2015-02-11 06:06:28 -08:00
..
PhabricatorCommonPasswords.php	Add a common password blacklist	2014-01-23 14:01:18 -08:00
PhabricatorCookies.php	Support invites in the registration and login flow	2015-02-11 06:06:28 -08:00

epriestley 7797443428 Support invites in the registration and login flow

Summary:
Ref T7152. This substantially completes the upstream login flow. Basically, we just cookie you and push you through normal registration, with slight changes:

  - All providers allow registration if you have an invite.
  - Most providers get minor text changes to say "Register" instead of "Login" or "Login or Register".
  - The Username/Password provider changes to just a "choose a username" form.
  - We show the user that they're accepting an invite, and who invited them.

Then on actual registration:

  - Accepting an invite auto-verifies the address.
  - Accepting an invite auto-approves the account.
  - Your email is set to the invite email and locked.
  - Invites get to reassign nonprimary, unverified addresses from other accounts.

But 98% of the code is the same.

Test Plan:
  - Accepted an invite.
  - Verified a new address on an existing account via invite.
  - Followed a bad invite link.
  - Tried to accept a verified invite.
  - Reassigned an email by accepting an unverified, nonprimary invite on a new account.
  - Verified that reassigns appear in the activity log.

{F291493}
{F291494}
{F291495}
{F291496}
{F291497}
{F291498}
{F291499}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7152

Differential Revision: https://secure.phabricator.com/D11737

2015-02-11 06:06:28 -08:00

PhabricatorCommonPasswords.php

Add a common password blacklist

2014-01-23 14:01:18 -08:00

PhabricatorCookies.php

Support invites in the registration and login flow

2015-02-11 06:06:28 -08:00