-
Notifications
You must be signed in to change notification settings - Fork 128
[FxA] Login flow should work from a non-Firefox browser #4959
Comments
FxA back-end relies heavily on deviceId for FxA auth flow and displaying shots on My Shots page https://github.com/mozilla-services/screenshots/blob/master/server/src/server.js#L1073 |
#4819 is related to this. Once that's fixed, a new profile will not have a device id until the first uploaded shot. |
… no extension) Needs better abstractions and a close look at all the references to deviceId. Needs to be tested across all the use cases we care about. Should fix the confirm-login cookie issue, so both cases (browser and extension) log in similarly
…-login Fixes #4959 - Login flow should work from a non-Firefox browser (with no extension)
@ianb Hi Ian! I was a UX Design intern on the Test Pilot team in the summer. I think we might have met in my first call with the Test Pilot team! :) I was suggesting the empty state design for users who are accessing the https://screenshots.firefox.com/shots directly and not using Firefox browser (#4991), which is related to this. I want to speed up the approval process by collecting as much information as I can, since I want to get it done before I get lots of school work (don't want to be lingering here for too long). Currently, if a user goes on https://screenshots.firefox.com/shots on a non-firefox browser, it shows a looking for a "Looking for shots" page and redirects users to back to the home page after 10 seconds. Since we are promoting the feature that users can access shots directly, I don't think it still makes sense to redirect users to the home page. As a result, I'm proposing this design, which prompts users to sign in Questions:
Really appreciate your response and apologize if I misunderstood/missed anything! |
Hi! I know you were specifically asking for empty states for /shots page on a non-Firefox browser. But just wondering if you thought about empty states for the other account related pages, such as the settings page on a non-Firefox browser? I would assume the sign in page in the sync flow? |
@weivicky Thanks for your valuable feedback, all these are excellent points and we have accounted for in new UI currently on dev server https://screenshots.dev.mozaws.net/ |
@weivicky Major call to action on settings page is disconnect, a generic messaging to educate users is in review in #5156. We have very less control on signin page, it's generic page from Firefox account used by services that needs to authenticate using oauth API |
@weivicky Sorry forgot install instructions for dev server. Thanks! |
Hi! Thanks for your quick response
Sorry if I wasn't clear earlier, I meant if a user copies and pastes /settings page into a non-Firefox browser like Chrome. What would they see? They would see a disconnect button on the Chrome page?
We have control on the messaging on the sign in page of sync though right? We can change "Continue to Sync" to "Continue to Screenshots"?
Unfortunately, I couldn't get the dev server working because I can't seem to find extensions.install.requireBuiltInCerts and xpinstall.sigantures.dev-root A couple things I noticed right away though (not sure if they were done intentionally or not) without being on dev:
Thanks for your quick reply btw! |
@weivicky Filed #5185 to discuss settings page when accessed directly using url
Latest UI in dev server has the string updated to "Continue to Screenshots". Thanks! |
@punamdahiya Hi, really appreciate your quick response! Thanks for submitting an issue! LOL I was asking about the /settings page because I was thinking about using the same empty state page for users who access /shots, /settings, and other account related pages directly on a non-Firefox browser to simplify things and keep things consistent. I think /shots and /settings might be the only ones. I don't think there's a need to have different pages. |
That's a good catch, logged issue #5187 to fix this. Thanks! |
@weivicky you can create these preferences in nightly by going to about:config -> right click -> New -> boolean . Thanks! |
Something we should confirm and make sure works:
Note that we don't need to support creating new shots.
We do not need any persistent association between the browser, any deviceId, and the FxA id (accountId). Ideally we'd simply set the authentication cookie with an accountId, a null deviceId, and any appropriate queries (query on My Shots, permission check on delete/favorite) would work with a null deviceId and an existent req.accountId.
The text was updated successfully, but these errors were encountered: