Page MenuHomePhabricator

[keyserver] Modify link verification so that it works with users that aren't logged in to a keyserver
ClosedPublic

Authored by tomek on Dec 12 2023, 2:17 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Nov 24, 1:02 AM
Unknown Object (File)
Thu, Nov 21, 9:22 AM
Unknown Object (File)
Mon, Nov 18, 5:50 AM
Unknown Object (File)
Fri, Nov 8, 5:01 AM
Unknown Object (File)
Fri, Nov 8, 3:35 AM
Unknown Object (File)
Tue, Oct 29, 11:18 AM
Unknown Object (File)
Oct 4 2024, 3:59 AM
Unknown Object (File)
Oct 4 2024, 3:59 AM
Subscribers

Details

Summary

Initially we were assuming that all the users that click an invite link are logged in to a keyserver. In multi-keyserver world it can happen that a user is logged in to Identity service, but isn't to a keyserver.

Before logging the user in, we need to check if a link is valid - that requires modifying the verification endpoint so that it no longer assumes that a user is logged in. This assumption was used only to determine if a user is a member of a thread - which is obviously false for a user that isn't logged in.

Depends on D10307

Test Plan

Bring back a bug from D10307 which allows easily checking what happens when a user isn't logged in. Check if the endpoint works for users that are and aren't logged in.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

tomek requested review of this revision.Dec 12 2023, 3:25 AM
This revision is now accepted and ready to land.Dec 14 2023, 1:52 AM