Stacks-wallet-web: Add ability to authenticate extension independently of app

Created on 6 Jul 2020  ·  4Comments  ·  Source: blockstack/stacks-wallet-web

I am not sure if this is a bug or just a workflow issue, but I expected to be able to:

  1. Download and install the extension
  2. Find a setup screen to enter my secret key
  3. Navigate to a website and select an account for login

Instead, I ended up having an odd experience trying to use the extension, this was my "user journey":

  1. Download and install the extension
  2. Click on the extension icon, and presented with "You are now signed out." message
    2020-07-06 07 40 55 mdhmgoflnkccjhcfbojdagggmklgfloo cf4e1ae60f46
  3. Click on the link "Find an app to use." and redirected to https://app.co/
  4. Click on BlockSurvey and tried to log in, but shown a blank window:
    Screenshot from 2020-07-06 07-50-58
  5. Go back to app.co, tried Xor Drive, but it still uses the legacy auth browser.blockstack.org
  6. Go back to app.co, tried Runkod and saw the connect prompt, but following that was shown another blank window when trying to log in using "I already have a secret key":
    Screenshot from 2020-07-06 07-45-18
  7. Go back to app.co, tried Sigle and it worked as expected:
    Screenshot from 2020-07-06 07-51-51
  8. At this point, I hesitated to enter my key because it was hard to identify the relationship between the chrome extension and the website I was using, and wasn't sure how I can best verify this URL is legit (although most people probably won't pay attention to this):
    Screenshot from 2020-07-06 07-53-15
  9. Then, finally, I was logged in to Sigle and clicking the extension button resulted in a view of my two accounts:
    2020-07-06 08 02 24 mdhmgoflnkccjhcfbojdagggmklgfloo b59c8fbdc313

Was there something I could have done differently? Is there a way to configure the extension independent from logging into a website that uses Connect?

enhancement
Source
picture whoabuddy

All 4 comments

From @markmhx in Discord:

There's no way to enter the Secret Key separately from the authentication flow for a particular app, but we could certainly add that. Want to file an issue above with that request?

I think this makes a lot of sense as a feature, and the issue may need to be renamed :slightly_smiling_face:

whoabuddy picture whoabuddy on 6 Jul 2020

Thanks @whoabuddy for all this detail! Much of your experience would have been had we communicated more effeectively with our developer base and users that apps needed the latest version of Blockstack Connect to work with the extension (and also built a more graceful failure mode for the extension when trying with apps that weren't yet upgraded).

I've changed the title of this issue to reflect the fact that I believe the remaining UX problems here should be resolved if we add a way to authenticate the extension without having to go through authentication for a particular app. That should give users an expected path and further clarify that the user is indeed in the context of the extension and not app when entering their Secret Key.

markmhx picture markmhx on 7 Jul 2020
👍1

fixed by https://app.zenhub.com/workspaces/userx-5deade0e95ddf8ab213b2460/issues/blockstack/ux/490 so moving to review

jasperjansz picture jasperjansz on 5 Aug 2020
🎉1

Closing, this is fixed by #490 where we'll display apps and have a sign in link in the unauthed state.

jasperjansz picture jasperjansz on 14 Aug 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

GinaAbrams picture GinaAbrams  ·  3Comments
radicleart picture radicleart  ·  7Comments
dantrevino picture dantrevino  ·  10Comments
friedger picture friedger  ·  6Comments
markmhx picture markmhx  ·  11Comments