Source Interface: Flow Inversion #6438

Draft: wants to merge 19 commits into base: develop

@eaon commented May 6, 2022

Description of Changes

Up until now, SecureDrop had an implicit "sign up" flow, in which
sources were assigned a codename/passphrase before they were able to
submit any messages/documents.

This created a couple of technical pitfalls with regard to session
management and (potentially) usability issues as well (user research
pending). As sources were asked to write down their
codenames/passphrases before they were able to do what
they came to the instance for, we made sure to remind them of their
codename repeatedly.

Flow inversion seeks to simplify both the backend implementation as well
as the source interface's user experience.

Towards #6211

Testing

TBD

Checklist

If you made changes to the server application code:

  • Linting (make lint) and tests (make test) pass in the development container
  • I have updated AppArmor rules to include the change (TODO)
  • I have written a test plan and validated it for this PR (TODO)
  • I would appreciate help with the documentation

@zenmonkeykstop force-pushed the 6211-flow-inversion branch 12 times, most recently from 4cab80e to 6e5cb05 (June 13, 2022 15:18)
@zenmonkeykstop force-pushed the 6211-flow-inversion branch 2 times, most recently from 30aaae8 to 9e06c68 (June 20, 2022 16:41)
eaon and others added 13 commits June 20, 2022 16:59
Towards #6211

Up until now, SecureDrop had an implicit "sign up" flow, in which
sources were assigned a codename/passphrase before they were able to
submit any messages/documents.

This created a couple of technical pitfalls with regard to session
management and (potentially) usability issues as well (user research
pending). As sources were asked to write down their
codenames/passphrases before they were able to do what
they came to the instance for, we made sure to remind them of their
codename repeatedly.

Flow inversion seeks to simplify both the backend implementation as well
as the source interface's user experience.

Needs discussion: is there a reason to keep the show codename button
around? If so, we want to track its state for the session so as to not
confuse sources on page refreshes.

More optimisation wrt message validation vs. when to actually create a new
source account, and start replacing codename with passphrase terminology

@zenmonkeykstop

(Rebased as the auto-rebase in CI was breaking tests due to pageslayout changes introduced elsewhere.)

@@ -30,7 +30,7 @@ class SessionManager:
"""Helper to manage the user's session cookie accessible via flask.session."""

# The keys in flask.session for the user's passphrase and expiration date
_SESSION_COOKIE_KEY_FOR_CODENAME = "codename"
_SESSION_COOKIE_KEY_FOR_CODENAME = "passphrase"
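Review bot: On the changed assignment the constant is still named _SESSION_COOKIE_KEY_FOR_CODENAME while its value becomes "passphrase", so the identifier and the stored key no longer agree, and the comment above it already speaks of the passphrase. Rename it to _SESSION_COOKIE_KEY_FOR_PASSPHRASE and update its references in SessionManager. Because the string key inside flask.session changes too, it is worth confirming how a session cookie issued before this change, which still carries "codename", is handled: it should be treated as logged out rather than raise an error.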
Should be _SESSION_COOKIE_KEY_FOR_PASSPHRASE here. Nice rename btw 👍

Turns out the only thing in computer science more annoying than naming things is renaming them :)
