[SDK] Allow passwords to be set at the point of reset confirmation #6171
Conversation
ouchadam
added
Z-FTUE
| */ | ||
| suspend fun resetPassword(email: String, | ||
| newPassword: String) | ||
| suspend fun resetPassword(email: String, newPassword: String? = null) |
There was a problem hiding this comment.
When I created this API, I was following the UI, when the form was asking for the email and the new password. I have checked and it's fine to provide the Pwd later.
| return when (resetPasswordData) { | ||
| null -> throw IllegalStateException("developer error, no reset password in progress") | ||
| else -> { | ||
| val password = newPassword ?: resetPasswordData.newPassword ?: throw IllegalStateException("developer error, no new password set") |
There was a problem hiding this comment.
Do we want to enforce that newPassword and resetPasswordData.newPassword are not not null simultaneously? Or are the same?
| @@ -63,14 +63,15 @@ interface LoginWizard { | |||
| * [resetPasswordMailConfirmed] is successfully called. | |||
| * | |||
| * @param email an email previously associated to the account the user wants the password to be reset. | |||
| * @param newPassword the desired new password | |||
| * @param newPassword the desired new password, can be optionally set here or as part of [resetPasswordMailConfirmed] | |||
There was a problem hiding this comment.
Maybe add the point that if the pwd is provided here, it will be temporarily stored in the SDK encrypted DB.
To avoid that consider passing the pwd in [resetPasswordMailConfirmed]
I originally had this but wasn't sure of the consequences of no longer persisting the password within the I'm happy to update and remove! |
|
will close and rework to provide a single way to reset the password |
|
|
||
| if (safeLoginWizard == null) { | ||
| setState { copy(isLoading = false) } |
There was a problem hiding this comment.
by making the loginWizard non null (which the compiler is warning is impossible to be null) we can simplify the branching
There was a problem hiding this comment.
I have noticed this warning. I think this is relatively new, probably since a Kotlin version upgrade. I am also wondering why the compiler is not failing, since warnings are errors on our project. So looks more like a IDE inspection warning.
ouchadam
requested review from
a team,
Claire1817,
ariskotsomitopoulos and
bmarty
and removed request for
a team
| @@ -470,7 +472,8 @@ class LoginViewModel2 @AssistedInject constructor( | |||
|
|
|||
| currentJob = viewModelScope.launch { | |||
| try { | |||
| safeLoginWizard.resetPasswordMailConfirmed() | |||
| val state = awaitState() | |||
| safeLoginWizard.resetPasswordMailConfirmed(state.resetPasswordNewPassword!!) | |||
There was a problem hiding this comment.
is it possible to avoid the not-null assertion operator ?
There was a problem hiding this comment.
it's possible (we're avoiding it in the OnboardingViewModel) but I've taken a shortcut here in the LoginViewModel2 as this entire package will be removed once the FTUE is finished
for context, Login2 is the proof of concept which has lead to the FTUE project
I'd prefer to avoid making tooo many changes to this package, but would be happy to make the change if you feel it's worth doing 👍
ouchadam
force-pushed
the
feature/adm/sdk-new-password-on-confirmation
branch
from
3ae103c
to
2f51280
Compare
…t or as part of the confirmation step
- the new password is moved to the in memory view model state
…set password new password is not set
- adds reset test cases to the onboarding view model
ouchadam
force-pushed
the
feature/adm/sdk-new-password-on-confirmation
branch
from
2f51280
to
edfabb0
Compare
Type of change
Content
Fixes #6169
Updates the
LoginWizardreset api to allow passing the new password at the point of confirmationnewPasswordparameter fromLoginWizard.resetPasswordin favour of only supply it as part ofresetPasswordMailConfirmedViewModelstate, emitting an error if the password has not been setResetStateto theOnboardingViewModelin preparation for the flow changesMotivation and context
To enable the FTUE reset password journey which involves supplying a password after the reset email has been confirmed instead of the current flow which involves passing the email and password upfront.
Screenshots / GIFs
No UI changes
Tests
No production changes
Tested devices