Auth Cleanup #1076

Open
5 of 10 tasks
paustint opened this issue Nov 16, 2024 · 0 comments
Labels
bug Something isn't working

paustint commented Nov 16, 2024

  • Clicking the verification link from an email does not auto-fill the form (email verification)
  • Email 2FA should have a clickable link just like the email verification email
  • App version does not appear to be set in AppInitializer
  • Captcha needs to be reset once it is used
    • e.g. signup attempt fails, then user changes email address and tries again - we force a page refresh when really we should be able to reset the captcha to correct this
  • Email logs do not appear to capture all email sent
    • write tests for all flows that generate email and verify DB has record of outgoing email summary
  • "Remember Device" seems to get triggered fairly frequently
    • we should auto-select the "remember device" for all users, since it is very rare when someone would not want that
    • We should review the cookie process for this to make sure the cookie gets refreshed and extended
paustint added the bug (Something isn't working) label Nov 16, 2024
paustint added a commit that referenced this issue Nov 17, 2024
Ensure that we explicitly set the color property because some email clients (icloud) will not render text properly if not set

Increased email verification code to 48 hours

Ensure code is populated in form from url query params

Work towards #1076
paustint added a commit that referenced this issue Nov 17, 2024
Ensure version is included in environment, this appears to have been omitted when we migrated to ZOD

Work towards #1076
paustint added a commit that referenced this issue Nov 17, 2024
paustint added a commit that referenced this issue Nov 17, 2024
Since users are now hard-deleted, we no longer need this field

Work towards #1076
paustint added a commit that referenced this issue Nov 17, 2024
In addition to entering code, users can click the link to open Jetstream and auto-enter the code

work towards #1076
paustint added a commit that referenced this issue Dec 27, 2024
Remove IP address from remember device check, since that often changes for people regularly and causes this to go through the process again.

Lengthen the cookie time and DB time to 90 days and upon successful verification, extend by another 90 days in DB and cookie

#1076
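
The "remember device" behaviour described in the last commit message, sketched as an added example (not code from this repository): the device is matched on the cookie value and user only, never on IP address, and a successful check slides the expiry forward 90 days for both the stored record and the cookie. All names here are hypothetical, and measuring the new 90 days from the time of the check is an assumption.

```typescript
// Added illustration; identifiers are hypothetical, not the project's own.
const REMEMBER_DEVICE_MS = 90 * 24 * 60 * 60 * 1000; // 90 days, per the commit message

interface RememberedDevice {
  userId: string;
  deviceId: string; // random value that is also stored in the cookie
  expiresAt: number; // epoch milliseconds
  ipAddress?: string; // kept for audit only, never used for matching
}

interface DeviceCheckResult {
  trusted: boolean; // true means the 2FA prompt can be skipped
  cookieExpiresAt: number | null; // expiry to set on the refreshed cookie
}

function checkRememberedDevice(
  devices: Map<string, RememberedDevice>, // stands in for the DB table
  userId: string,
  cookieDeviceId: string | undefined,
  requestIp: string,
  now: number,
): DeviceCheckResult {
  const notTrusted: DeviceCheckResult = { trusted: false, cookieExpiresAt: null };
  if (!cookieDeviceId) return notTrusted;

  const record = devices.get(cookieDeviceId);
  // The cookie must belong to the user who is signing in; a device
  // remembered for one account must not skip 2FA for another.
  if (!record || record.userId !== userId) return notTrusted;

  // Expired records are removed so a stale cookie cannot be revived.
  if (record.expiresAt <= now) {
    devices.delete(cookieDeviceId);
    return notTrusted;
  }

  // No IP comparison: the address is recorded, not enforced.
  record.ipAddress = requestIp;
  // Sliding expiry: extend the stored record and the cookie together so
  // the two lifetimes cannot drift apart.
  record.expiresAt = now + REMEMBER_DEVICE_MS;
  return { trusted: true, cookieExpiresAt: record.expiresAt };
}
```

With the IP check gone, the cookie value is the only thing binding a browser to the trusted state, so it should be long, random, and sent with `HttpOnly` and `Secure` set.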