We are using oauth2 to keep user accounts synced to Fedora accounts. One user has noted that she does not want to interact with Discourse using that same email, for $REASONS. What are the implications of letting users change their address here? Will they still be able to log in the same way? Are there any gotchas I should look out for?
I’m not really sure. If they try to log in with oauth after they’ve changed their email and before they’ve added it as secondary then it’ll try to create a new account, I think.
Wait, sorry, I don’t think that answers my question. I guess I wasn’t clear. Right now, we have email editable turned off. This keeps the primary address fixed — and prevents the addition of a secondary one. It sounds like changing the primary address would cause problems (“it’ll try to create a new account”), so is there a way to enable the addition of a secondary email address which could be used for replies to messages without allowing the primary one to be changed?
Sorry, let me rephrase the initial part. She doesn’t mind the mail coming from discourse to be directed to that inbox. However, her mail client is not configured to send mail from that address. It’s my understanding that if her usual address were added as a secondary, Discourse would understand to properly associate incoming responses (which are now rejected as not matching her email address).
Yeah secondary email should work here, I am not sure though of the implications here. You may not want to fiddle with the primary emails. Maybe give it a shot and see what happens?
But here I can also change my primary address, right? That’s what happened on our site, too — I changed the email editable setting, and now I can both add a secondary address and change the primary. How can I make it so users can just do the first of those?
I do not think we have this flexibility at the moment, closest you can probably do is disable fiddling with primary via CSS.
OAuth is keyed on a special key anyway, so the impact of fiddling with primary email should be extremely low, login will still work and be associated to the main fedora account.
Not sure, I guess the only other thing you should be aware of is that we build an admin interface for merging accounts… so worst case if you discover an issue you can sort it out yourself.