Closed
Bug 976949
Opened 11 years ago
Closed 11 years ago
about:accounts?action=signin does not indicate if someone is already logged in.
Categories
(Cloud Services :: Server: Firefox Accounts, defect)
Cloud Services
Server: Firefox Accounts
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: markh, Assigned: markh)
References
Details
Attachments
(1 file, 1 obsolete file)
(deleted),
image/png
|
Details |
The URL https://accounts.firefox.com/signin?service=sync&context=fx_desktop_v1, as loaded by about:accounts?action=signin, is used as a "signin" page.
I believe that until recently, this page correctly detected the login state and instead of the signin form displayed "You are signed in as email@address.com", but it no longer does this. Note that it *does* change to this state if you log in from this page, but doesn't when it is refreshed.
An impact of this will be that if a tab is open and refreshed when the user is logged in (eg, if the tab is restored by session restore), the user may believe they are not logged in. They may then log in again even though a user is already logged in. As this will not cause a logout flow, this could cause problems.
STR:
* Log into an FxA account and verify the Preferences panel etc indicate you are logged in.
* Open a new tab to "about:accounts?action=signin"
* The tab offers to log you in - it should reflect you are already logged in.
Assignee | ||
Comment 1•11 years ago
|
||
FTR, I've verified that about:accounts?action=signin does request a session status from FxA, which does report a logged-in user - it just seems to ignore this.
Comment 2•11 years ago
|
||
I can't reproduce. I see the "Manage" screen (attached) after opening a tab with "about:accounts?action=signin" after logging in.
Comment 3•11 years ago
|
||
Comment 4•11 years ago
|
||
Attachment #8383342 -
Attachment is obsolete: true
Comment 5•11 years ago
|
||
(In reply to Chris Karlof [:ckarlof] from comment #2)
> I can't reproduce. I see the "Manage" screen (attached) after opening a tab
> with "about:accounts?action=signin" after logging in.
FWIW, this is what I would expect it would do.
Comment 6•11 years ago
|
||
lol, crap. nm I did signin=true.
Comment 7•11 years ago
|
||
I can reproduce. I propose that in aboutaccounts.js, if action=signin or action=signup and we have a logged in user, it should show the manage screen.
More broadly, it raises the issue that after user has finished interacting with an about:accounts page, particularly one with query params, it's suspect to leave it hanging around the browser. E.g., for the action=reauth case, the user could keep loading that page and keep getting the login prompt. It would probably make sense to redirect to about:accounts after anything has completed would when then show the manage page after the user logged in.
Assignee | ||
Comment 8•11 years ago
|
||
(In reply to Chris Karlof [:ckarlof] from comment #7)
> I can reproduce. I propose that in aboutaccounts.js, if action=signin or
> action=signup and we have a logged in user, it should show the manage screen.
I think that would cause a UX regression - the user would then never see the "You are now signed in" or the "we sent a verification mail" status panels.
> More broadly, it raises the issue that after user has finished interacting
> with an about:accounts page, particularly one with query params, it's
> suspect to leave it hanging around the browser. E.g., for the action=reauth
> case, the user could keep loading that page and keep getting the login
> prompt.
Agree with that in general, but...
> It would probably make sense to redirect to about:accounts after
> anything has completed would when then show the manage page after the user
> logged in.
As above, I think that breaks what UX designed.
Comment 9•11 years ago
|
||
John, what should happen in this case?
Comment 10•11 years ago
|
||
(In reply to Mark Hammond [:markh] from comment #8)
> (In reply to Chris Karlof [:ckarlof] from comment #7)
> > I can reproduce. I propose that in aboutaccounts.js, if action=signin or
> > action=signup and we have a logged in user, it should show the manage screen.
>
> I think that would cause a UX regression - the user would then never see the
> "You are now signed in" or the "we sent a verification mail" status panels.
What do you mean by "never see"? My proposal is that this would only happen if the user visited or reloaded about:accounts?... *after* signing in. If the user signed in and needed verification, then she would see the "we sent a verification mail" page. If she then decided to reload that screen, this approach would then show her the "Manage" page, but I don't think that's terrible.
Comment 11•11 years ago
|
||
I think this bug will be covered by the work that falls out of Bug 956605. E.g., this case is covered by the state machine I propose here: https://bugzilla.mozilla.org/show_bug.cgi?id=956605#c23
Updated•11 years ago
|
Assignee: nobody → mhammond
Assignee | ||
Comment 12•11 years ago
|
||
Just verified this was fixed by bug 956605
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•