Closed thomik-corp closed 2 years ago
netlify[bot]
commented
2 years ago | Name | Link |
|---|---|
| Latest commit | |
| Latest deploy log | https://app.netlify.com/sites/rally-staging/deploys/633680bc60b51e361566d1fd |
| Deploy Preview | https://deploy-preview-301--rally-staging.netlify.app |
| Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site settings.
netlify[bot]
commented
2 years ago | Name | Link |
|---|---|
| Latest commit | |
| Latest deploy log | https://app.netlify.com/sites/rally-prod/deploys/6337125d775dcd02e969e06a |
| Deploy Preview | https://deploy-preview-301--rally-prod.netlify.app |
| Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site settings.
rhelmer
commented
2 years ago I would like to understand how the "reset password" feature is meant to work on an unverified account, should it send a password, or should it refuse until the account is verified? I think that we need to be careful how many and what sorts of email we send to unverified accounts.
To be clear, I think this is probably more up to Firebase than us, but I'd like to understand the behavior and what we might do about it (we might need to continue show an unverified error in response to "forget password" dialogs for instance)
rhelmer
commented
2 years ago I've seen this a few times while testing locally, but doesn't seem consistently reproducible. I'll see if I can track down what permission it is, seems to be right after creating a new account, before accepting the privacy policy:
Carla-Moz
commented
2 years ago I would like to understand how the "reset password" feature is meant to work on an unverified account, should it send a password, or should it refuse until the account is verified? I think that we need to be careful how many and what sorts of email we send to unverified accounts.
To be clear, I think this is probably more up to Firebase than us, but I'd like to understand the behavior and what we might do about it (we might need to continue show an unverified error in response to "forget password" dialogs for instance)
Yes, I agree we should show the unverified email copy on the card before allowing users to update their password. I'll file an issue for this. This also affects accounts forget password, update email, and update password flows. Users should see an unverified email feedback before attempting any of these actions. Will file issues for this as well.
Fixes: https://github.com/mozilla-rally/rally/issues/276