[Cloud] user settings security page
Created by: artemruts
Description
Fixes part of #17166 (closed) (External Accounts sign-ins)
Adds code external accounts sign-in (GitHub, GitLab) while trying not to touch much of the original password forms (those need to be migrated to hooks, func components).
Outdated backend changes ⌛ ️
Backend changes
I had to add isPasswordSet to the User type and expose it through GraphQL, here's why I think we'll need it or something similar.
User:
- creates an account using BasicAuth (login and password)
- adds GitHub External Account to sign-in with
- navigates to
Account security(/users/this-user/settings/security) settings
Since the user has External Account - we're not going to show the password form.
- removes GitHub External Account
- navigates back to
Account security(/users/this-user/settings/security) settings
Now the user doesn't have any External Account we're going to show the password form.
We don't know which one. If the user previously used BasicAuth, we should show a reset form (with an old password field), otherwise, it's a create password form (without an old password field).
A new isPasswordSet field should solve that because we'll know if the user has a valid, not expired password or not
⚠ ️ Notes
Decided to keep previous version of the Passwords page while we test the new Cloud GA pages together.
Right now there's a bit pf duplication but that will go away as soon as I'm confident in the new Account security page.
Account security page will be toggled off by default.
Demo
When BasicAuth was used to sign-up
https://user-images.githubusercontent.com/1319181/106505545-770aca80-6496-11eb-8b32-48b53e741dca.mov
When user doesn't have a password
Same thing but user's don't see the old password field and we send a different GraphQL mutation
