-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User Sign Up: Disable activation code requirements #526
Comments
Ready for validation. There was quite a bit to think about, so here's the sequence/workflow of how user registration now works. Just wanted to document this here and the registration flow. Solution:
The Registration flow: I've tested this on my local and on cert, would like someone else to confirm this as well. |
@alex-418 Super |
@kathreenriel Right, got mixed up with the new registration workflow. |
@kathreenriel Completed via 2d9e70b Ended up being quite a chunk of work because BP extended profile fields ID's differ on cert/prod so I couldn't retrieve/check the value of these to do the redirection without updating the Field ID for each environment. Anyways, implemented a solution that searches for $_POST for a field value equivalent to "Learner" or "Organizer, but please test throughly to ensure it works as expected. |
Thanks @alex-418 For new Organizers sign ups there needs to a clearer explanation of acceptable email addresses (should I create a new issue?) Please see new description in graphic. |
@kathreenriel now redirecting learners to myEYPD via 4fe72e1 , and no need to make a separate issues as I've changed the email field validation text via BCcampus/validate-by-domain@3c75e1f |
@kathreenriel I like where you're going with trying to explain to users what's happening. Can we give an example and make this even more lay person speak? What do you think about using something like, "The part of your email address that follows the @ symbol must match your organization's website. (sarah@bccampus.com must be used if Sarah's work's website is bccampus.com) |
@mandily-p How about if we add this to the FAQ? @paulagaube could we add this as a FAQ for Organizers? |
Yes, I can create an FAQ for this. I tested the signup as an Organizer and it worked seamlessly. I was taken to my Events page after creating the account and could immediately start posting events. HOWEVER, @kathreenriel, it occurs to me that if we allow an Organizer to immediately post after creating an account, what is to stop me from entering a fake, yet valid, email address, and then immediately posting fake events? This seems a little more dangerous than just immediately allowing a Learner to start adding events to their myEYPD page. I think we need to consider adding a way to manually validate an Organizer before allowing them to post on the site. OR something like that....?? |
I created a Fake Event by a Fake Organizer. |
@paulagaube yes I agree this is risky and it will require closer monitoring of events that are posted. |
@paulagaube ha..ha...point taken! :) I think this is still the best option until Comments In A Box provides an update. |
Ideally sites don't require FAQ's because most things are intuitive and anything that isn't has contextual help build in :) I'd be curious to know - out of the spam accounts that were getting created when there was no protection - how many were learners vs organizers, and out of the organizers, how many actually posted events? |
@kathreenriel @paulagaube I've added a check via abb1a91 to ensure that if the plugin is not active, it'll behave like normal (there should be no redirection after registration if plugin is disabled). Please test user registration with both the plugin enabled and disabled to ensure it works as expected before we push to prod. |
thanks @alex-418 how/where do I disable this plugin to check? |
@kathreenriel in the dashboard there's a "Plugins" menu. You can activate/deactivate the plugin there. It's called "BP Disable Activation Reloaded" |
@alex-418 thanks, yes I disable, and checked Learner and Organizer registrations without the plugin and it works. |
The current process directs users to their email, to click on an activation code to confirm their account details. The current activation code no longer works.
Deactivate this process. This may require installing a plugin.
This issue is connected with #527 in its description of what to put in place of an activation code via email.
The text was updated successfully, but these errors were encountered: