Anonymous token not working
The customer will receive an email, w/ a link like this: http://help.ilist.com/discussions/problems/3-anonymous-token-broken?anon_token=365a4d6030cea4371fa035bd2659ceb7860e3ac2
Customer is not logged in to Tender. When the link is clicked, the customer gets a page like the attached screenshot. I assume this means the token didn't work.
Simply refreshing the page seems to properly authenticate, and the discussion can be viewed. For the rest of the session, the customer can view the discussion just fine as well.
Tested this on 3 separate occasions across 2 different computers. Consistent results each time.
-
Picture_1.png
103 KB
Picture_1.png
Discussions are closed to public comments.
If you need help with Tender please
start a new discussion.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
1 Posted by rick on 14 Jan, 2009 10:20 AM
Great catch (again)! The token is only setting the proper cookie, which is why the url works on the refresh. Our tests actually test the parameter, but one of the framework test methods was being a little more lenient than I expected (basically, the test was passing when it shouldn't have been passing).
I don't want to go into great deal (unless you really want to know), but I've fixed the faulty test (which immediately started failing), and then squashed the bug. It'll now authorize and set the anonymous cookie when you visit a url from the notification email. It's not deployed as of writing, but will be by tomorrow morning.
rick closed this discussion on 14 Jan, 2009 10:20 AM.
Chris Abad re-opened this discussion on 14 Jan, 2009 08:28 PM
2 Posted by Chris Abad on 14 Jan, 2009 08:28 PM
Looks good now. Thanks.