revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-22 04:31:13 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/auth/controller
History
epriestley 8f8e863613 When users follow an email login link but an install does not use passwords, try to get them to link an account 
Summary:
Ref T13249. See PHI774. When users follow an email login link ("Forgot password?", "Send Welcome Email", "Send a login link to your email address.", `bin/auth recover`), we send them to a password reset flow if an install uses passwords.

If an install does not use passwords, we previously dumped them unceremoniously into the {nav Settings > External Accounts} UI with no real guidance about what they were supposed to do. Since D20094 we do a slightly better job here in some cases. Continue improving this workflow.

This adds a page like "Reset Password" for "Hey, You Should Probably Link An Account, Here's Some Options".

Overall, this stuff is still pretty rough in a couple of areas that I imagine addressing in the future:

  - When you finish linking, we still dump you back in Settings. At least we got you to link things. But better would be to return you here and say "great job, you're a pro".
  - This UI can become a weird pile of buttons in certain configs and generally looks a little unintentional. This problem is shared among all the "linkable" providers, and the non-login link flow is also weird.

So: step forward, but more work to be done.

Test Plan: {F6211115}

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13249

Differential Revision: https://secure.phabricator.com/D20170
2019-02-15 14:41:31 -08:00
..
config Replace all "setQueryParam()" calls with "remove/replaceQueryParam()" 2019-02-14 11:56:39 -08:00
contact Add a "test message" action for contact numbers 2019-01-23 14:22:27 -08:00
message Add "Auth Messages" to support customizing onboarding/welcome flows 2019-01-18 19:53:19 -08:00
mfa When users confirm Duo MFA in the mobile app, live-update the UI 2019-02-15 14:38:15 -08:00
PhabricatorAuthConfirmLinkController.php Make external link/refresh use provider IDs, switch external account MFA to one-shot 2019-02-12 15:18:08 -08:00
PhabricatorAuthController.php Replace all "setQueryParam()" calls with "remove/replaceQueryParam()" 2019-02-14 11:56:39 -08:00
PhabricatorAuthDowngradeSessionController.php Update Auth for handleRequest 2015-08-01 16:49:27 -07:00
PhabricatorAuthFinishController.php Use Log In vs. Login when it's a verb 2017-08-02 12:26:47 -07:00
PhabricatorAuthInviteController.php Support invites in the registration and login flow 2015-02-11 06:06:28 -08:00
PhabricatorAuthLinkController.php Make external link/refresh use provider IDs, switch external account MFA to one-shot 2019-02-12 15:18:08 -08:00
PhabricatorAuthLoginController.php Allow users to register with non-registration providers if they are invited to an instance 2019-02-12 15:19:03 -08:00
PhabricatorAuthNeedsApprovalController.php Update Auth for new UI 2016-03-31 13:51:12 -07:00
PhabricatorAuthNeedsMultiFactorController.php Allow MFA providers to be deprecated or disabled 2019-01-28 09:29:27 -08:00
PhabricatorAuthOldOAuthRedirectController.php Update Auth for handleRequest 2015-08-01 16:49:27 -07:00
PhabricatorAuthOneTimeLoginController.php When users follow an email login link but an install does not use passwords, try to get them to link an account 2019-02-15 14:41:31 -08:00
PhabricatorAuthRegisterController.php Allow users to register with non-registration providers if they are invited to an instance 2019-02-12 15:19:03 -08:00
PhabricatorAuthRevokeTokenController.php Clean up redirect URIs for "Temporary Tokens" and "API Tokens" settings panels 2016-06-28 14:51:04 -07:00
PhabricatorAuthSetExternalController.php When users follow an email login link but an install does not use passwords, try to get them to link an account 2019-02-15 14:41:31 -08:00
PhabricatorAuthSetPasswordController.php Move account passwords to shared infrastructure 2018-01-23 13:43:07 -08:00
PhabricatorAuthSSHKeyController.php Add ViewController and SearchEngine for SSH Public Keys 2016-05-19 09:48:46 -07:00
PhabricatorAuthSSHKeyEditController.php Redirect users back to where they added an SSH Key 2017-08-21 14:02:27 -07:00
PhabricatorAuthSSHKeyGenerateController.php Never generate file download forms which point to the CDN domain, tighten "form-action" CSP 2018-02-28 17:20:12 -08:00
PhabricatorAuthSSHKeyListController.php Add ViewController and SearchEngine for SSH Public Keys 2016-05-19 09:48:46 -07:00
PhabricatorAuthSSHKeyRevokeController.php Add a bin/auth revoke revoker for SSH keys 2018-01-22 15:35:07 -08:00
PhabricatorAuthSSHKeyViewController.php Add a bin/auth revoke revoker for SSH keys 2018-01-22 15:35:07 -08:00
PhabricatorAuthStartController.php Replace all "setQueryParam()" calls with "remove/replaceQueryParam()" 2019-02-14 11:56:39 -08:00
PhabricatorAuthTerminateSessionController.php Upgrade sessions digests to HMAC256, retaining compatibility with old digests 2018-12-13 16:15:38 -08:00
PhabricatorAuthUnlinkController.php Make external link/refresh use provider IDs, switch external account MFA to one-shot 2019-02-12 15:18:08 -08:00
PhabricatorAuthValidateController.php Update Auth for handleRequest 2015-08-01 16:49:27 -07:00
PhabricatorDisabledUserController.php Update Auth for new UI 2016-03-31 13:51:12 -07:00
PhabricatorEmailLoginController.php When users have no password on their account, guide them through the "reset password" flow in the guise of "set password" 2019-02-12 15:19:46 -08:00
PhabricatorEmailVerificationController.php Update Auth for new UI 2016-03-31 13:51:12 -07:00
PhabricatorLogoutController.php Use Log In vs. Login when it's a verb 2017-08-02 12:26:47 -07:00
PhabricatorMustVerifyEmailController.php Use Log In vs. Login when it's a verb 2017-08-02 12:26:47 -07:00
PhabricatorRefreshCSRFController.php Update Auth for handleRequest 2015-08-01 16:49:27 -07:00