-
-
Notifications
You must be signed in to change notification settings - Fork 186
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add password authentication flow #2329
base: main
Are you sure you want to change the base?
Conversation
Codecov Report
@@ Coverage Diff @@
## main #2329 +/- ##
==========================================
- Coverage 47.31% 47.13% -0.19%
==========================================
Files 272 272
Lines 9178 9161 -17
Branches 2153 2174 +21
==========================================
- Hits 4343 4318 -25
- Misses 4340 4345 +5
- Partials 495 498 +3
Continue to review full report at Codecov.
|
17c8668
to
122eb7b
Compare
122eb7b
to
cb21617
Compare
7b01ae9
to
faed538
Compare
faed538
to
63df4cf
Compare
✔️ Deploy Preview for streetmix-docs canceled. 🔨 Explore the source changes: 53adbb2 🔍 Inspect the deploy log: https://app.netlify.com/sites/streetmix-docs/deploys/6123b68324d50e000907a2ea |
127b4c0
to
1935106
Compare
This commit adds support for logging in via password using the Auth0 Universal Login screen. It keeps around the existing magic link support, but relegates it to a secondary (well, stylistically tertiary) button. Native form submit of the email field now goes to the password login. To ease users into it, we added explanatory text advertising the feature and also directing them to the sign up page, although they can also sign up from the login page itself. It also replaces a few `this.state` direct-usages with destructured assignments as a small bit of inline cleanup. Co-authored-by: Whitman Schorn <whitman.schorn@gmail.com>
It turns out that the new Universal Login experience at Auth0 doesn’t yet support passwordless login, something I unfortunately didn’t catch during 336f4b7. Given the choice between abandoning new Universal Login or migrating all email users to passworded accounts, we prefer the latter. This change comments-out (with DEPRECATED notes) the magic link code and changes the sign in dialog language. We will eventually remove the deprecated code once we’re sure of the permanency of this decision.
This wasn't actually affecting us, but it was causing developer (me) confusion: we declare the `user` const in this block, and then again in a lower scope (the API callback). To alleviate that confusion, I renamed the constant at this scope. Done during but not directly related to #2023.
Adds an error page for when users attempt to login with an unverified email, along with a couple of TODOs for completing the work. Affects #2023
1935106
to
53adbb2
Compare
🚨 Blocker:🚨
This PR shouldn't be merged until we resolve an issue we discovered.
Description:
This PR replaces passwordless email login with a password authentication flow using Auth0's Universal Login. It also adds explanatory text to guide users through the change, including a direct sign-up link.
It also:
this.state
calls with destructured assignment. Normally I don't believe in doing cleanup alongside new work, but I had to write similar code alongside these old patterns and had to choose between consistency with those incorrect patterns, causing an inconsistency in a single file, or just cleaning up the problems. I chose the latter. (Laster?)Prerequisites and deployment:
Before merging this, we should:
(We have to do all three of those things to be in good standing and be able to serve the New Experience Universal Login screen without a dev-key scold.)
After deploying this, we should immediately:
Closes #2023
@whitmanschorn did the original spike in #2035, so I've tagged him as co-author. 🙏🏼