vlado / earthquake-croatia

Code for app hosted on https://www.potres-petrinja.hr/ used for helping people in need during the earthquake crisis in Croatia

Option to edit/delete Ad #81

Closed vlado closed 3 years ago

vlado commented 3 years ago

Option to delete the ad after it is not relevant any more (Possible solution: send a "Click here to remove entry" link to the mail user left).

markopavlovic commented 3 years ago

@vlado I like the idea of having the option to manage your ad - but I think we all don't like the idea of needing to register. Maybe we can have accounts and reduce friction by having the registration with only "email" + "password" fields in the ad creation form (Dodaj oglas)? Email field we already have, so only password should be added and email made mandatory.

In which case when you are submitting the ad, we would check the session and if the session doesn't exist we can have the account being registered at the same step. If the session exists, remove the fields. If the session is expired, revalidate based on email and password? Thinking further how to simplify the process... maybe we can only have the "email" field and on submission check if the email doesn't exist, ask for the password in another modal/page/step?

Just ideas, lmk what you think.

vlado commented 3 years ago

Here is an idea for managing the ad.

Here are the steps:

  1. We add a hint to the email field on new ad form "Email is not required but if you do not enter it you will not be able to edit and/or remove your ad"
  2. When ad is created we generate the token, save it to the database and send it in email to the user (Thanks for adding the ad, here is a token that you will need to edit/remove the ad).
  3. When displaying the ad that has email entered we show "Edit" button.
  4. We add token field to the edit form and we validate that the provided token matches one saved in the database.
  5. If valid we update the ad, if not we render error message.

Same thing for removing the ad:

  1. Click on delete button.
  2. Delete ad page with just one field token and a submit button.
  3. If token is ok we delete the ad.

I think it cannot be simpler than that, not extra secure but I think it is more than good enough :)

Opinions: @markopavlovic @shime @berislavbabic @fsuste @dejanbj ...

vlado commented 3 years ago

Just checked and Mailgun Heroku add-on offers 400 emails per day for free. That should be enough.

Another thing we need to add is background processing for sending emails (Sidekiq or maybe someone has other preferences).

vlado commented 3 years ago

> @vlado I like the idea of having the option to manage your ad - but I think we all don't like the idea of needing to register. Maybe we can have accounts and reduce friction by having the registration with only "email" + "password" fields in the ad creation form (Dodaj oglas)? Email field we already have, so only password should be added and email made mandatory.
>
> In which case when you are submitting the ad, we would check the session and if the session doesn't exist we can have the account being registered at the same step. If the session exists, remove the fields. If the session is expired, revalidate based on email and password? Thinking further how to simplify the process... maybe we can only have the "email" field and on submission check if the email doesn't exist, ask for the password in another modal/page/step?
>
> Just ideas, lmk what you think.

Wanted to answer but forgot last night. I think this one is a pretty simple solution also. I would only like to avoid password. I know a lot of people who easily give up (starting with my wife :)) when they see that they need one more password to remember.

berislavbabic commented 3 years ago

> 1. When ad is created we generate the token, save it to the database and send it in email to the user (Thanks for adding the ad, here is a token that you will need to edit/remove the ad).

Maybe we don't need to send the token immediately, but only if they want to edit/delete it?

> 2. We add token field to the edit form and we validate that the provided token matches one saved in the database.

Or we ask for the email, if it's the same one, we email them the edit link with the token entered? `/ad/123?token=foobarbaz`

I guess same thing for removing the ad

vlado commented 3 years ago

> > 1. When ad is created we generate the token, save it to the database and send it in email to the user (Thanks for adding the ad, here is a token that you will need to edit/remove the ad).
>
> Maybe we don't need to send the token immediately, but only if they want to edit/delete it?
>
> > 2. We add token field to the edit form and we validate that the provided token matches one saved in the database.
>
> Or we ask for the email, if it's the same one, we email them the edit link with the token entered? `/ad/123?token=foobarbaz`
>
> I guess same thing for removing the ad

Yes, that should also work. Maybe it is even better cause we need to send fewer emails :)
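
Added example, not part of the original thread or the project's code: a sketch in plain Ruby of the token flow discussed above (issue a token only when the ad owner asks for an edit link, store it, validate it on edit/delete). The in-memory `ADS` and `OUTBOX`, the method names, the one-hour `TOKEN_TTL` and the hashed storage are assumptions made for illustration; only the `/ad/123?token=...` link shape comes from the thread.

```ruby
require "securerandom"
require "digest"

TOKEN_TTL = 3600 # seconds; assumed lifetime, the thread does not specify one

# Constructed in-memory stand-ins for the ads table and the outgoing mail queue.
ADS = { 123 => { email: "ana@example.com", token_digest: nil, token_expires_at: nil } }
OUTBOX = []

# Compare two equal-length strings without stopping at the first differing byte.
def secure_eq(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# "Ask for the email": a token is issued only if the email matches the ad,
# but the caller gets the same answer either way, so the form does not
# confirm which address belongs to which ad.
def request_edit_link(ad_id, email, now: Time.now)
  ad = ADS[ad_id]
  if ad && ad[:email] && ad[:email].casecmp?(email.to_s.strip)
    token = SecureRandom.urlsafe_base64(32)             # 256 bits from the CSPRNG
    ad[:token_digest] = Digest::SHA256.hexdigest(token) # store the hash, not the token
    ad[:token_expires_at] = now + TOKEN_TTL
    OUTBOX << { to: ad[:email], link: "/ad/#{ad_id}?token=#{token}" }
  end
  :check_your_email
end

# "Validate that the provided token matches one saved in the database."
def token_valid?(ad_id, token, now: Time.now)
  ad = ADS[ad_id]
  return false unless ad && ad[:token_digest] && token.is_a?(String)
  return false if now > ad[:token_expires_at]
  secure_eq(ad[:token_digest], Digest::SHA256.hexdigest(token))
end

# Removing the ad uses the same check as editing it.
def delete_ad(ad_id, token, now: Time.now)
  return :invalid_token unless token_valid?(ad_id, token, now: now)
  ADS.delete(ad_id)
  :deleted
end
```

Because the token travels in the URL, the short lifetime limits what a copy left in server logs or browser history is worth.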

vlado commented 3 years ago

I'll try to implement this tonight

radanskoric commented 3 years ago

Btw, this can easily later be extended to have registration like Wolt has it. I don't know if you used Wolt but they don't have passwords. On the web, if you want to log in they always send you a link to the e-mail and when you follow it you're logged in with a session. Once the session cookie is lost or you log out you have to go through the e-mail again.

vlado commented 3 years ago

> Btw, this can easily later be extended to have registration like Wolt has it. I don't know if you used Wolt but they don't have passwords. On the web, if you want to log in they always send you a link to the e-mail and when you follow it you're logged in with a session. Once the session cookie is lost or you log out you have to go through the e-mail again.

Never used Wolt but I get the idea :) Nice to have you here @radanskoric

radanskoric commented 3 years ago

> Just checked and Mailgun Heroku add-on offers 400 emails per day for free. That should be enough.

Sendgrid free tier gives 12000 per month which is the same as 400 per day but since it's per month it's probably better because max number of e-mails will probably be right now and it will drop as time goes on: https://elements.heroku.com/addons/sendgrid