Identity/Firefox Accounts/Meeting Notes/2016 05 19 Web
From MozillaWiki
< Identity | Firefox Accounts | Meeting Notes
2016-05-19: Thursday Web Coordination
Theme: Anything tricky you need help with?
WHO: vbudhram, pbooth, saipc, jrgm, stomlinson
Major efforts: Signin confirmation, metrics, password strength UX improvements
From last time:
- Mobile app links (vladikoff) - did not see Alex,emailed.
- Train 62 strings cut (stomlinson)
- There was a train-62 branch that was created but never merged.
- New branch merged today.
- 10 new (mostly email), 2 changed.
- 400 page error messaging (stomlinson)
- requires review from vladikoff
- Change focused fields color scheme (sai)
- Merged!
- email changes (stomlinson)
- requires review.
- pb to take it over.
- Failing functional tests (stomlinson)
- Taken care of in https://github.com/mozilla/fxa-content-server/pull/3741 and https://github.com/mozilla/fxa-content-server/pull/3752
- https://github.com/mozilla/fxa-content-server/pull/3752 fixes the failing tests in train-62. Do we need a new tag? Vlad: Yeah let's tag.
- seeing new settings v3 failures: https://tc-test.dev.lcip.org/viewLog.html?buildId=5940&tab=buildResultsDiv&buildTypeId=FxaLatest_FunctionalTests
- https://tc-test.dev.lcip.org/overview.html
- https://tc-test.dev.lcip.org/viewType.html?buildTypeId=FxaLatest_FunctionalTests&tab=buildTypeStatistics
- everybody's creds are the same on this box.
- SASS linting (sai)
- Merged! woohoo :D
- Change password and reset account (vbudhram)
- https://github.com/mozilla/fxa-auth-server/pull/1264 (Ready to Merge)
- I see a "merge at will"
Discuss
- Signin confirmation (pb, vb, st)
- Test stack - https://confirm-signin.dev.lcip.org/
- TESTING NEEDED!
- Test doc - https://docs.google.com/document/d/1ztLvUs6fK6h2ump6FWBXw2-7CyXYcC39zd10t1VdDQc/
- user.js - https://gist.github.com/shane-tomlinson/4b15926babda1804f43b70885d3dfa0d
- Need a way to handle verification email in case of content-server rollback
- pb and st to discuss tomorrow, make a proposal to jrgm.
- Generate FlowID on server (pbooth)
- Start asking rfk instead.
- Password strength-o-meter (sai, rfeeley)
- rfeeley's awesome feature doc: https://github.com/mozilla/fxa/blob/3d946b2a77b982d8ce1e6ca0fd9f53d0f9eb258f/features/FxA-97-password-strength/README.md
- Temporary tunnel to mock-up: http://45cc2af7.ngrok.io
- 3 stages so far:
- 1. Empty field --> "Choose a strong pwd...."
- 2. User starts typing --> "8 chars min..."
- 3. Field goes out of focus --> check bloomfilter match --> "Password is common...."
- Should we revert to stage 1 if user deletes the password?
- Do we allow people to cancel our warning? if so, we need to log that metric. - Shane: Intermediate step: let users use crappy passwords for now, log metrics.
- Do we disable form unless user cancels warning? - See above.
- Do we use `zxcvbn` to estimate pwd strength?
- not unless it goes on a (crash) diet.
- Password length warning (vbudhram)
- Robots meta-tag (stomlinson)
- rfk has updated. Avoids all indexing.
- https://github.com/mozilla/fxa-content-server/pull/3604
- stomlinson asked rfk to make some updates.
- FAO jrgm, jbuck: https://github.com/mozilla/fxa-auth-server/pull/1259#issuecomment-220046487
- auth server pr that uses memcached
- is it okay to target the same memcached instances as the customs server does, or does it need separate instance?
- (namespace is already different)
