kueda
commented
5 days ago FWIW, this also requires coordination with the web team to figure out how this would work, so that part is ready for a dev to work on. Ultimately, no matter how the user signs in or signs up, the webview needs to provide the app with a working OAuth access token. Devs in this project need to figure out the best way to receive that (in the URL? as an HTTP header in a response? as JS in the webview sending an explicit message out of the webview?), and the web team needs to figure out what's feasible and secure.
Personally I would start by figuring this out for basic sign in to an existing account, and once that's working, move on to sign up, reset password, and 3rd party.
Change the current signup/login to be through an in-app browser
Might require some design.