search

opencollective / opencollective

We're tracking all our Issues, RFCs and a few other documents in this repository.
https://opencollective.com
MIT License
2.01k stars 370 forks source link

Login error when trying to approve new collectives #1642

Closed alanna closed 5 years ago

alanna commented 5 years ago

I get a notification of a new collective application and click "approve" in the email. Sometimes it works, and sometimes I get this error about not being logged in. But I am logged in (see my photo in upper right).

screen shot 2019-01-18 at 5 49 50 pm

If I refresh the page, it logs me out and I have to log in again using the email process. Then I try approving the collective and it might work or this whole thing repeats again.

What it looks like to me is that the page begins loading before whatever part determines the logged in state, because as the page loads I can see the not logged in view (it says 'log in' in the upper right) before my photo and username appears in the corner. But the Collective approval process loads faster.

alanna commented 5 years ago

Hey @znarf is there any workaround to this? Can I approve collectives directly in Forest or something? This bug is blocking me from approving any new collectives and they are backing up.

znarf commented 5 years ago

@alannallama Let's try to fix the issue. I'm prioritizing that.

alanna commented 5 years ago

@znarf unfortunately I am still having the same problem and can't approve collectives 🙁

znarf commented 5 years ago

@alannallama Is it still the same? To help me troubleshoot, can you try:

While being already authenticated:

While being not authenticated:

alanna commented 5 years ago

@znarf

Is it still the same?

yes the same behavior

hacking the URL

it worked!

While being not authenticated

The collective was approved (yay!)

But... It logged me in as a different user 😱 (hipsterbrown), because the system sends me 10 copies of every approval email and I accidentally clicked one addressed to him.

The above was tested with recent ones. I also tested an older one (11 days) and hacking the URL worked for it, too. I can use that workaround until we find a fix.

alanna commented 5 years ago

If it's easier, can we just remove the authentication from the approve button, and instead use the straight URL and rely on the user being logged in already?

Betree commented 5 years ago

@alannallama What's the URL of the host? I just found a bug that may be related

alanna commented 5 years ago

@Betree these have all been for the Open Source Collective I think.

znarf commented 5 years ago

@alannallama We expect that to be better now.

1) If the link is invalid and you're already authenticated, it's ignored 2) If the link is invalid and you're not already authenticated, you get a login form to sign in

Can we close it?

alanna commented 5 years ago

Yes, it's working now. Thanks!

-- Alanna Irving hello@alanna.space https://alanna.space

On Mon, 4 Mar 2019 at 20:53, François Hodierne notifications@github.com wrote:

@alannallama https://github.com/alannallama We expect that to be better now.

  1. If the link is invalid and you're already authenticated, it's ignored
  2. If the link is invalid and you're not already authenticated, you get a login form to sign in

Can we close it?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/opencollective/opencollective/issues/1642#issuecomment-469152408, or mute the thread https://github.com/notifications/unsubscribe-auth/AFPn_pst2ZYx3px3yNOJXEvv3jCHTDV6ks5vTNEVgaJpZM4aHOlv .