Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problems signing up with the new passphrase-based system #27

Open
nolanlawson opened this issue Apr 26, 2017 · 5 comments
Open

Problems signing up with the new passphrase-based system #27

nolanlawson opened this issue Apr 26, 2017 · 5 comments

Comments

@nolanlawson
Copy link
Member

nolanlawson commented Apr 26, 2017
edited

Many folks are reporting what appear to be cookie/redirect issues with our new passphrase-based registration system:

As someone reported on Twitter:

When I clicked the verify email link it seemed to work but then somehow it forwarded me back to the signup page. And then told me the email verification failed (it asked if I was blocking cookies). On reload, it auto-logged me in straight into the homepage. Not a big deal, it might have been to do with multiple tabs – I had the verification page open when I first signed up, but then the link from my email opened another effectively identical page.

The relevant PRs are here: tootcafe/mastodon#9 tootcafe/mastodon#10 . Some help fixing this would be appreciated, since I'm not super familiar with Ruby. 😃 That PR can be tested in a local Mastodon development environment.
@nolanlawson nolanlawson changed the title Users have problems signing up with the new passphrase-based system Problems signing up with the new passphrase-based system Apr 26, 2017
@Seebiscuit
Copy link

This may be happening when a user navigates to toot.cafe/auth/signin when they are already signed in right after going through Confirmation...

@b2m9
Copy link

b2m9 commented Apr 26, 2017
edited

I had the exact same behaviour. I had one tab open, when the email arrived. I didn't reload the confirmation page, but went directly to toot.cafe and all was well.

@NickBarreto
Copy link

@b2m9 that sounds like you've reproduced it exactly. That report from twitter above was me, and it pretty accurately describes what I was doing. I think @Seebiscuit's point is relevant, but worth noting that going to toot.cafe/auth/signin wasn't deliberate – the user gets redirected/forwarded there automatically, I think, which may be the issue. If the redirect/forward goes to toot.cafe, it may avoid the problem entirely.

@nolanlawson
Copy link
Member Author

Hm, I'm wondering what in our code could possibly be causing this. I've never heard this reported by users of other Mastodon instances. Our change is so innocuous I really am not sure what the issue is here: tootcafe/mastodon#9 tootcafe/mastodon#10

@nolanlawson
Copy link
Member Author

Also I never got reports of this before merging those PRs, so I'm guessing it must be something related to that.

@nolanlawson nolanlawson mentioned this issue May 9, 2017
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nolanlawson @NickBarreto @Seebiscuit @b2m9