search

oddsdk / ts-odd

An SDK for building apps with decentralized identity and storage.
https://odd.dev/
Apache License 2.0
179 stars 24 forks source link

webnative.lobby.resendVerificationEmail doesn't work for apps that don't have complete filesystem permissions #198

Closed matheus23 closed 3 years ago

matheus23 commented 3 years ago

Problem

If the user hasn't given full filesystem permissions to an app, the app won't be able to resend verification emails, because it'll fail with "Could not find your local UCAN". The way UCANs are fetched for resendVerificationEmail is like this:

https://github.com/fission-suite/webnative/blob/bd1266d481dc90e8c42214fd17b963c86f11733c/src/lobby/index.ts#L51-L54

So we're requesting * filesystem access, where we actually only need any valid UCAN to satisfy the server.

This used to not be an issue because of a bug we've had previously, but that's fixed now.

Impact

The resend verification email button in the dashboard doesn't work anymore.

Solution

We should request as little permissions as possible. (How do we do that? I think there's no internal API for this, yet)

icidasset commented 3 years ago

We could add another UCAN to the list coming from the lobby. Not something that the user has to give permissions for. Just a UCAN that gives permission to send emails or something. We would need a new resource/attenuation type probably 👀

matheus23 commented 3 years ago

Re: Adding a new resource/attenuation type. I'm linking https://github.com/fission-suite/fission/issues/444 because it's relevant.

I think we'll want to add a general "can send me emails" permission (like mentioned in the link above).

We might want to fix this issue before we implement the above, though (i.e. something more like a hot fix).