Open LeadSongDog opened 6 years ago
Tangential to #917
@LeadSongDog Is this still an issue? It seems the merging of IA and OL authentication has occurred recently. @mekarpeles Assigning you to reconcile this issue per our slack conversation
@guyjeangilles Yes, the "Change Password" and "Update Email Address" links on the Settings page at https://openlibrary.org/account still go offsite to https://archive.org/account/index.php?settings=1 without warning the user they are about to do so. At a minimum there should be a heads up, but the better answer would be to make it work without resorting to forcing the users to have direct access to archive.org : much of OL's functionality works just fine without that access.
If the warning-only option is taken, that warning should advise the user they may need to create their account from another client workstation.
User registration, or changing user's email or password requires access to archive.org, without which it cannot be done. (Group policies sometimes block archive.org as a gaming, porn, or warez site.) There is no hint to the user that this off-site (non-OL) access is happening, so the failure looks like something more sinister has happened.
Possible fixes could be a limited-scope proxy, register-by-email, or at least some warning text.