Improve user management for public bot links #732
Assignees
Comments
|
Test it out here: https://chatbots.dimagi.com/a/dimagi/experiments/e/f4219b24-3f35-45c3-91e8-60949439ce3a/start/ If you are not logged in a use the email address of a logged in user it doesn't work. This should notify the user. |
|
I wrote some thoughts down here |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The problem
When someone follows a public link to chat to a bot and enters an email address that belongs to a platform user, they will not be able to send the message, since they are not logged in. There's no feedback to to the user, so this is confusing UX.
The reason for this has to do with the fact that when we first create the session, we find the participant user based on the entered email address and link that participant to the session. When the user sends a message, we find the user on the request (which will be
None) and find the session where the participant user equals this user. Since a participant was found when we first created the session, but will not be found now, since the participant user isNone, the session will not be found.Proposed solution
We send the chat link to the specified email address (I think Simon suggested this way back?). This serves as a way to verify the email address (better security) and if we see that this belongs to a platform user, the link can look something like "https://chatbots.com/accounts/login?next=the/chat/link", thus forcing the user to log in first.
Toughts welcome
The text was updated successfully, but these errors were encountered: