On Fri, Jul 09, 2021 at 11:13:19AM -0400, Christopher wrote: > Why does FAS use the email forwarding address when I use it to > authenticate, rather than the permanent @fedoraproject.org alias for > the address?
Because only "contributors" (ie, people in at least one non cla group) have @fedoraproject.org aliases. > I should be able to change my forwarding address without changing how > authentication works. However, it looks like if I change my forwarding > address, then try to use FAS to log in to Bugzilla, it would tell me > that there is no account for <forwarding address> and asks if I want > to register. This currently happens when I try to log in with FAS, > because I registered my bugzilla account using my > ctubb...@fedoraproject.org alias instead. Obviously, I don't want to > create a new account if I change my forwarding address. I can't > imagine ever wanting to authenticate using my forwarding address, > rather than my Fedora alias for accessing Fedora systems, because my > forwarding address is subject to change. We are working on this with the new account system. It has a 'bugzilla email address' field. However, we need to put in place verification of those addresses before we enable it on our side/in bugzilla. Once thats there you should be able to put your fedoraproject.org address in there. In the mean time we can override this for bugzilla. File a infrastructure ticket for it. > > Every FAS account has a corresponding @fedoraproject.org email alias. nope, they do not. > So, why doesn't FAS use that? In my opinion, it should, and to make it > clear, the Fedora Accounts profile page should be changed to have a > grayed out field for Email that shows your @fedoraproject.org email > alias, in addition to the Email field that you can edit to update your > registered/forwarding address. > > Also, why doesn't the FAS OAuth login redirect page show the password > and 2FA fields separately, like on the Fedora Accounts > (accounts.fedoraproject.org) page? It would be much nicer on password > managers, which are easily confused into thinking you've changed your > password every time you manually append the 2FA code to the password. This is also being worked on. It turns out to be a lot harder than we first thought. Hopefully that will land soon. kevin
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
