Identity/Firefox Accounts/Account lockout: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(→‎Task breakdown: move to the DB field to the fxa-auth-db-server repo)
(→‎Task breakdown: remove duplicate entry)
Line 14: Line 14:
** https://github.com/mozilla/fxa-auth-db-server/issues/89
** https://github.com/mozilla/fxa-auth-db-server/issues/89
* fxa-auth-server
* fxa-auth-server
** add new flag in DB
** add new "unlock" email (copy and l10n needed)
** add new "unlock" email (copy and l10n needed)
** add new errno=104 return code to /account/{destroy,login} and /password/change/start
** add new errno=104 return code to /account/{destroy,login} and /password/change/start

Revision as of 23:09, 7 October 2014

Here is an implementation plan for the account lockout feature of Firefox Accounts.

Task breakdown

  • fxa-customs-server
  • fxa-auth-db-server
  • fxa-auth-server
    • add new "unlock" email (copy and l10n needed)
    • add new errno=104 return code to /account/{destroy,login} and /password/change/start
    • implement and document new API endpoints: /account/unlock/{verify_code,resend_code}
    • clear the locked flag on successful password resets
    • add locked property to the data returned by /account/status
    • https://github.com/mozilla/fxa-auth-server/issues/801
  • fxa-content-server
    • check for errno=104 on /account/{destroy,login} and /password/change/start
    • new error message for locked accounts (copy and l10n needed)
  • fennec
    • check for errno=104 on /account/{destroy,login} and /password/change/start
    • new error page for locked accounts (copy and l10n needed)

Deployment timeline

  1. deploy the new customs server with support for account lockout
  2. update auth server DB schema on production
  3. deploy content server with support for the new error code
  4. deploy auth server which honours locked accounts
Retrieved from "https://wiki.mozilla.org/index.php?title=Identity/Firefox_Accounts/Account_lockout&oldid=1023264"