MushroomObserver / mo-mobile

Mushroom Observer mobile app
MIT License

Need to fix new user creation/deletion for mobile app #62

Open mo-nathan opened 11 hours ago

mo-nathan commented 11 hours ago

Creation: Account isn't verified and doesn't work until you get the email, which takes a while. Not clear that the mobile registration actually generates the verification email. Logging in as a new user and asking to reverify also doesn't happen quickly.

Deletion: It acts like it works, but nothing actually happens. Should delete user if there are no contributions and give a warning with an explanation if there are. Should also support this behavior from the web interface.

We really should purge unverified users with no contributions after 1 month.

mo-nathan commented 11 hours ago

Email only gets sent every 5 minutes. api2/users needs to at least send a verification email. Would be nice if it sent the email immediately. Might be nice to have a way to verify either automatically or using a code (e.g., NEMF2024).

mo-nathan commented 9 hours ago

iNat is very loose regarding email verification. It lets you immediately start adding observations. It does send you an email asking you to verify, and if you go to Account Summary you can see if you're verified or not. Seems like a reasonable approach to me.

nimmolo commented 9 hours ago

I would prefer the verification email system be modified to send it out immediately.

I have seen the chaos in MO production logs that has come from bot-created fake users, so I'm against letting unverified users do anything! I have no idea what iNat is thinking, but there's a reason verification is SOP on the web.

A 5 min wait for a verification email is not ok, though. Surely we can change that.

mo-nathan commented 9 hours ago

Current plan:

  1. Ignore verification more - allow observation and image creation at minimum. As a first pass, essentially ignore the verification bit, other than setting it if they click the verification link and allow it to be resent. In the future maybe prevent commenting and naming if unverified? [by NEMF]
  2. Ensure that verification email gets created when mobile sign up happens. [by NEMF]
  3. Look to speed up email verification sending.
  4. Allow admins to require or not require verification. What happens to unverified accounts that were created when verification was not required, when it becomes required?
  5. Actually delete users who ask to be deleted and have no contributions.
  6. Allow user self deletion from website when there are no contributions.
  7. Automate purging of unverified users with no contributions after a month.
  8. Implement admin functionality for disabling/anonymizing users. Consider option to purge by data type if requested.
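The access, self-deletion and purge rules in the plan above, sketched as an added Ruby example (not mo-mobile or Mushroom Observer code). The `Settings` and `User` fields, the grace-period idea and the set of actions allowed while unverified are assumptions chosen to match the plan.

```ruby
require "date"

# Added example, not mo-mobile code. Field and setting names are assumptions.
# Admin-controlled settings from the plan: require verification or not,
# a grace period for new accounts, and the purge window for dead accounts.
Settings = Struct.new(:require_verification, :grace_period_days, :purge_after_days)

# Minimal stand-in for a user record (hypothetical fields).
User = Struct.new(:login, :verified, :created_at, :contributions)

# What an unverified account may still do when verification is required
# (item 1 of the plan: observations and images at minimum, plus resend).
UNVERIFIED_ALLOWED = %i[create_observation upload_image resend_verification].freeze

# Decide whether +user+ may perform +action+ on +today+.
def permitted?(user, action, settings, today: Date.today)
  return true if user.verified
  return true unless settings.require_verification
  # Accounts created before verification became required (item 4) get a grace
  # period during which they behave as if it were still optional.
  age_days = (today - user.created_at).to_i
  return true if age_days < settings.grace_period_days
  UNVERIFIED_ALLOWED.include?(action)
end

# Self-deletion (items 5 and 6): delete only when there are no contributions,
# otherwise return a warning instead of silently doing nothing.
def request_deletion(user)
  if user.contributions.zero?
    { status: :deleted, login: user.login }
  else
    { status: :refused, login: user.login,
      reason: "#{user.contributions} contributions would be orphaned; contact an admin" }
  end
end

# Automated purge (item 7): unverified, nothing contributed, older than the window.
# Returns the logins selected so the caller can log them before deleting.
def purge_candidates(users, settings, today: Date.today)
  users.select do |u|
    !u.verified && u.contributions.zero? &&
      (today - u.created_at).to_i >= settings.purge_after_days
  end.map(&:login)
end
```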

mo-nathan commented 9 hours ago

@nimmolo By "chaos" do you just mean that they create a bunch of fake accounts and then don't do anything with them? Have you seen them attempt to do anything? I'm worried about trying to get the email verification thing working and reasonable in time for NEMF. Ignoring verification at least in the short term seems reasonable. Maybe they can only create observations and upload images? Perhaps part of the reason it works for iNat is that they have a pretty aggressive manual curation process. I think it's at least worth experimenting with easing up on the verification requirements to see what the bots do.

mo-nathan commented 9 hours ago

One of my worries about requiring verification is that I plan to explain to folks at NEMF how it is all supposed to work the first night. I expect at least 10% of the audience (~25 people) to scan the QR code I throw up on the screen and, if they aren't members, immediately create an account. If this load causes issues with the email queuing and that's required to do more, then it will be a bad thing. Maybe I'll implement it as an admin option. Then we can test it out for a day and see what happens. We can then turn it off until the first night of NEMF, when we can turn it on. Another interesting option is giving folks a grace period so verification isn't needed for some period of time. Of course this doesn't help the nightmare bot situation, and having some time limit just means folks get annoyed later when they aren't in the process of signing up.

nimmolo commented 4 hours ago

Yes, my memory is that I've definitely seen these bot-created "accounts" attempt actual things with the fake accounts, like tie up the server attempting impossibly taxing queries. I think this is going to lead to major server snafus almost immediately. (Incidentally the server seems slow to me today, much slower than earlier this week.)

The problem is that all our expensive queries are available to logged-in users (only). I'm not saying don't try it, but if it makes a mess and you clean it up... ok :)

JoeCohen commented 4 hours ago

When they are able to login, they also create spam comments, or even observations.

On Sat, Sep 28, 2024 at 6:51 PM andrew nimmo wrote:

> Yes, my memory is that I've seen these bot-created "accounts" do actual things with the fake accounts, like tie up the server attempting impossibly taxing queries.


mo-nathan commented 29 minutes ago

In thinking about this, I recalled that iNat kind of does a pseudo-captcha thing by asking the user a couple of questions related to content sharing that they need to check at least one box for. If the user doesn't check at least one of the boxes, it pushes back.

mo-nathan commented 19 minutes ago

What if I only allow the operations that come through the mobile app? If they are coming in through the website, they have to verify. If this still creates messes, then we could add a verification question.