Iframe login via popup #1905
Merged
Iframe login via popup #1905
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rrrliu
approved these changes
Sep 27, 2024
Comment on lines
+14
to
+17
| const IFrameAuthenticationMessageSchema = v.object({ | ||
| type: v.literal("auth"), | ||
| encryptionKey: v.string() | ||
| }); |
There was a problem hiding this comment.
i like the migration from zod -- we are the only z that matter 😆
There was a problem hiding this comment.
Valibot also produces much smaller bundles!
This is a follow-up to #1905, which removes the deprecated Chrome "local storage access" request, now that we have agreed on the popup flow as the primary login method.
rrrliu
pushed a commit
that referenced
this pull request
Sep 27, 2024
This allows the user to log in via a popup window opened from within the Zupass embedded iframe. On visiting a Zapp for the first time, the user is asked to connect to Zupass by clicking a button, which causes a popup window to open. If the user is already logged in to Zupass in another tab, then the popup window will pick up the authentication state from that other session, and forward the user's sync key back to the iframe, which will use it to log in. If the user is not already logged in to Zupass in another tab, then they can provide their email and password in the popup window, and after authenticating the sync key will be sent to the iframe. Three failure cases are covered: 1) If the browser blocks popups, a message is shown to the user advising them to change their browser settings and try again 2) If the user closes the popup window before authentication completes, they are informed of this and asked to try again 3) If logging in using the sync key fails, the user is asked to try again
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This allows the user to log in via a popup window opened from within the Zupass embedded iframe.
On visiting a Zapp for the first time, the user is asked to connect to Zupass by clicking a button, which causes a popup window to open.
If the user is already logged in to Zupass in another tab, then the popup window will pick up the authentication state from that other session, and forward the user's sync key back to the iframe, which will use it to log in.
If the user is not already logged in to Zupass in another tab, then they can provide their email and password in the popup window, and after authenticating the sync key will be sent to the iframe.
Three failure cases are covered: