Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Respect registration config on OAuth signup flow #303

Merged
merged 8 commits into from Apr 22, 2020
Merged

Respect registration config on OAuth signup flow #303

merged 8 commits into from Apr 22, 2020

Conversation

thebaer
Copy link
Member

@thebaer thebaer commented Apr 20, 2020

This alters the current OAuth flow to respect an instance's user registration config. It includes:

  • Closed registration. Now, if the OAuth flow would've normally led to the creation of a new user on a closed-registration instance, it is blocked instead and an error is returned to the user.
  • Invite-based registration. Now, on an invite link, a user has the option of signing up via any configured OAuth provider.

This PR includes style and database changes. Run the following commands to update your development environment:

make ui
writefreely db migrate

@thebaer
Prevent account creation via OAuth when registration is closed
93c2773
@thebaer
Support OAuth registration with invite code
ca4a576 
This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered.

It enables invite-only instances with OAuth-based registration.
@thebaer
Reduce db calls on normal invite-based signup
5400f41 
This removes an unnecessary database call after creating a user, and documents `db.CreateUser()` to make it clear that extra calls are unnecessary.
@thebaer thebaer added this to the 0.12 milestone Apr 20, 2020
@thebaer thebaer requested a review from ngerakines April 21, 2020 10:49
@thebaer
Run go fmt on oauth_test.go
7b7df55
@thebaer
Move unique OAuth username creation to client-side
cf3d558 
Now, on OAuth signup form, we create a unique username with random appended string only if there's a conflict.
Previously, this was always happening during the Slack OAuth flow. This has the benefit of preventing username collisions for all OAuth providers.
@thebaer
Mention unset password on failed login
fd97539 
(when it applies)
@thebaer
Remove "login" verbiage on OAuth signup page
308b1a7 
Change it to reflect that this is the final step in the signup flow.
@thebaer
Reduce vertical margin around OAuth buttons
f15acf3
@thebaer
Copy link
Member Author

thebaer commented Apr 22, 2020

Added a few light improvements to the OAuth signup flow here, too:

  • Skip random username generation if unnecessary
  • Use "sign up" language on OAuth signup page, instead of "log in" language
  • Inform user when they try to login to an OAuth-based account with a password but don't have one set

@thebaer thebaer merged commit 99d86a7 into develop Apr 22, 2020
@thebaer thebaer deleted the fix-oauth-account-creation branch April 22, 2020 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ngerakines ngerakines Awaiting requested review from ngerakines

Assignees
No one assigned
Labels
None yet
Milestone
0.12
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@thebaer