[openstreetmap/openstreetmap-website] Re-arrange login and signup screens as discussed in #4128 (PR #4455)

[Anton Khorev]

@AntonKhorev commented on this pull request.



> @@ -101,14 +107,9 @@ def create
       if current_user.invalid?
         # Something is wrong with a new user, so rerender the form
         render :action => "new"
-      elsif current_user.auth_provider.present?
-        # Verify external authenticator before moving on
-        session[:new_user] = current_user.slice("email", "display_name", "pass_crypt", "pass_crypt_confirmation")

> They would still have to click on "Sign up"

Yes, but right after that the user is written to the db with arbitrary `auth_provider`. That happens before any further confirmation.

> If this is a real concern, I can bring back the extra round trip to the external provider before creating user record.

It's not the "extra" round trip when you allow to set `auth_provider` without any round trip. The deployed version has protections against that, you removed them here.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/4455#discussion_r1574944284
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/pull/4455/review/2015090985 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20240422/2a50f046/attachment.htm>