Discourse Keybase Proof

Ok, so I should just redirect back to the new_proof_url endpoint, fair enough :slight_smile:

yeah. redirecting is perfect. it doesn’t have to redirect to new it could also go to the user’s profile page or settings page or something like that as long as the flash notice tells the user something actionable. whatever makes the most sense. i’m not really sure. no opinions.

the logged-in user is the discourse user that is making the proof

absolutely. yes. it looked like here we’re only checking if it’s the correct user on create and i’d argue we should also do it on new. there’s no sense in trying to save a proof that we know will fail.

The code I pushed is not the latest. I rewrote the create method, removing the check for the username param as it should not be necessary anymore (as the proof_valid? check will fail).

The new method is just a placeholder for Discourse routing logic, it will never be called and it needs to allow non-logged-in requests to allow the user to log in if they logged off previously :slight_smile:

EDIT: this is the new code I just pushed (still not very polished, I pushed it just to let you see it).

1 Like

About setting up a test domain: it would be great :slight_smile: