> > My workarounds: Send the user to the login page, so they actually log in.
>
> We should both perhaps use more clear language. IIUC you seem to take _"log
> in"_ to mean exclusively to _"go to https://www.openstreetmap.org/login
> webpage and enter username/password there"_, while I intended it to mean
> _"enter your username/password **somewhere** in order to gain elevated
> privileges compared to when non-logged-in"_ (like e.g. in any Oauth2 flow).
You don't enter username/password during an Oauth2 flow. You enter them before
that if you're not actually logged in because the authorization page redirects
you to the login page in this case. If on the other hand you're actually logged
in, you're not redirected to the login page and you don't get to enter
username/password. Consequently, none of the side effects of actually logging
in happen. This issue asks for these side effects to happen even if you're
actually logged in.
There's ony one *somewhere* where you enter username/password - the login page,
if we ignore apps ith very questionable login practices like Organic maps.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/5490#issuecomment-2603063725
You are receiving this because you are subscribed to this thread.
Message ID:
<openstreetmap/openstreetmap-website/issues/5490/2603063...@github.com>
_______________________________________________
rails-dev mailing list
rails-dev@openstreetmap.org
https://lists.openstreetmap.org/listinfo/rails-dev
