Wordpress-android: Login: Jetpack site users not connected to WP.com can't log in using their Jetpack site address
Expected behavior
Any Jetpack site user should be able to log in to the app using their site address.
Actual behavior
Only the user who connected the Jetpack plugin is able to log in to the app using their site address.
Steps to reproduce the behavior
- Create a self-hosted site.
- Install and connect the Jetpack plugin to it.
- Add a new user in
wp-adminviaUsers > Add New. Do not connect this user to Jetpack. - Open the app.
- On the Prologue screen, tap Enter your site address.
- On the Site Address screen, enter a Jetpack site address.
- Tap Continue.
- Notice the Get Started screen.
- Notice how there's no way to login with the newly created site credentials.
Tested on Pixel 3 XL, Android 11, WPAndroid 15.8
Thanks to @malinajirka for originally reporting this.
renanferrari
All 4 comments
Nice catch!
There is one more variable to consider and that is whether or not the account email address has or does not have a WordPress.com account associated with it.
Using the steps above, if the user does have a WordPress.com account associated with their email address then they are logged in but the Jetpack site is not added (because this user has never connected Jetpack via the WP Admin > Jetpack dashboard). It's possible to go to My Sites > + > Add self-hosted site at this point but it's not super obvious that this needs to be done after logging in. Note that Stats show an error in this scenario. If the user does not have a WordPress.com associated with WordPress.com, then they are shown the Get Started screen (and eventually a Sign Up prompt) as noted in the steps on the issue. (2m46s)
I tested this with the Jetpack SSO setting off to start (the default) and then with it turned on and the results were the same in my tests.
designsimply
on 6 Oct 2020
@designsimply That's a very good point, thanks for mentioning it!
The reason that happens is because we are not really using the WordPress.com account to connect to the Jetpack site. Instead, we just assumed the user had already connected before and redirect them to the WordPress.com flow, which is clearly not ideal.
That said, I've just opened a PR that reverts this behavior to what it was before, where a Jetpack site user is always redirected to the Username/Password screen and needs to login with their site credentials. This approach also have some drawbacks, but it should be ok for now, while we consider other alternatives (internal ref: pbArwn-19o-p2#comment-1714). This is also the current behavior on iOS.
renanferrari
on 6 Oct 2020
3381855-zen
malinajirka
on 7 Oct 2020
Closed by #13065.
renanferrari
on 8 Oct 2020
Related issues
khaykov
路
3Comments
jd-alexander
路
3Comments
hoverduck
路
3Comments
maxme
路
3Comments
jtreanor
路
3Comments
Most helpful comment
@designsimply That's a very good point, thanks for mentioning it!
The reason that happens is because we are not really using the WordPress.com account to connect to the Jetpack site. Instead, we just assumed the user had already connected before and redirect them to the WordPress.com flow, which is clearly not ideal.
That said, I've just opened a PR that reverts this behavior to what it was before, where a Jetpack site user is always redirected to the Username/Password screen and needs to login with their site credentials. This approach also have some drawbacks, but it should be ok for now, while we consider other alternatives (internal ref: pbArwn-19o-p2#comment-1714). This is also the current behavior on iOS.