Registering multiple users on the same device causes locked out users
Closed this issue · 2 comments
EdHurtig commented
I know this is a bit of a dumb issue because who would ever do this, but it does cause problems and should probably be fixed.
Steps to reproduce: Have 2 users: user1
and user2
and check the disable passwords for clef users setting. Do not install the waltz extension because that makes things even more confusing and weird
- Activate clef for
user1
with phone - Logout of clef on phone and logout
user1
from WordPress - New browser window (incognito for sanity)
- Login to WordPress as
user2
with password - Activate clef for
user2
with the same phone as before - This shouldn't be allowed, but it is - Logout
user2
from phone and WordPress - Use phone to Login to WordPress... Who to login??? hmmm problem 1. It chooses
user1
for me. Not sure if it goes by first user ID, First Registered with Clef, or First alphabetical username.
- Problem 1 Multiple Users linked to same clef account/phone who gets logged in...
- Problem 2 The user that clef doesn't pick when you scan your phone is completely locked out of their account now because clef is active for their WordPress Account and Passwords are disabled... :-( https://www.dropbox.com/s/717jergd6p4ukyp/Screenshot%202014-06-18%2015.37.56.png and I can't get into the
user2
account with clef
Recommendation: Check to see if the Clef Account is already linked to another WordPress User before linking it.
Thanks! Clef is a great service and I love it. Keep up the good work and let me know if you would like be to whip up a patch.
jessepollak commented
Thanks for the bug report — just pushed a fix for this which will go live in the next release.
EdHurtig commented
Thanks Jesse!