Details
-
Improvement
-
Resolution: Duplicate
-
Major
-
COmanage Registry 1.0.5 (Polished Polygon MR5)
Description
Account linking currently requires completing a (minimal) enrollment form to collect a name and email address, with the latter used to send an invitation to link back to the original identity after logout. However, this is a clunky user experience.
Add a new EF setting or change email_confirmation mode to "require enrollee authentication" without requiring email to be sent
- Redirect to /auth/logout, but preserve enough info in session to reconnect ($SESSION['PETITION_IN_PROGRESS'])
- mod_auth_foo executes logout functionality
- /auth/logout is delivered by Apache, redirects back to /auth/login
- mod_auth_foo executes login functionality
- COmanage/cake sets up new authentication info ($SESSION['Auth.User']), sees existing petition in progress and re-enters enrollment flow
TBD: What does the org identity record look like? It needs a name, do we just pull the CO Person primary name and clone it into the Org Identity? Or can we expect sufficient attributes out of the authentication event?
Also, can this be implemented as an OIS plugin? Or does it need to be done in core petition code?