Closed zackkatz closed 3 years ago
The double opt-in MUST NOT process if the dialog doesn't load. Too many times there are JS errors on a site.
Can you show me a screenshot of the GH dialog? Want to confirm if we're using an alert/modal or inline notice.
@inztinkt
Not sure this would work in WP, but it's one more step, since this is a big change. I think this prevents a "person walked away from their computer without locking the screen" attack.
@zackkatz For Step 3, should they be asked to log back into their WP site or TL SaaS?
@inztinkt For now, let's skip Step 3 and make sure to check nonces when completing the cycling.
@zackkatz Should 'danger zone' go on the bottom of the settings page or on it's own settings page?
@zackkatz I've built this to leverage the browsers' usual confirm dialogue.
I can certainly add the secondary confirmation and warning if you'd like. Just need to confirm what the UX/output/etc should contain and if you want it in a modal/alert/etc.
@zackkatz Should 'danger zone' go on the bottom of the settings page or on it's own settings page?
Let's wait for Tracy to weigh in on this.
Closing for now—it'll need redesign.
When successful: