Some interactions on the central domain should depend on whether the user is already logged in on the local domain. I was struggling to keep this all in my head while working on T392359 and T393459, so I made this table.
When the local domain and central domain login status matches, the behavior should be the same as in normal MediaWiki (cases 1-4).
When the local domain and central domain login status does not match, things get more interesting (cases 5-8).
| # | Page | Local domain | Central domain | Current behavior | Expected behavior | Notes |
|---|---|---|---|---|---|---|
| (1) | Special:UserLogin | Logged out | Logged out | Shows login form | unchanged | |
| (2) | Special:UserLogin | Logged in | Logged in | Redirects back to the main page [T392359] | Shows login form with warning 'userlogin-loggedin' | |
| (3) | Special:CreateAccount | Logged out | Logged out | Shows signup form | unchanged | |
| (4) | Special:CreateAccount | Logged in | Logged in | Shows signup form with more options | unchanged | In the future we may add a warning, T284927 |
| (5) | Special:UserLogin | Logged in | Logged out | Shows login form, like case (1) [T393459] | Shows login form with warning 'centralauth-warning-reauth' | |
| (6) | Special:UserLogin | Logged out | Logged in | Logs in without a form | unchanged | In the future we may add an interstitial, T369467 |
| (7) | Special:CreateAccount | Logged in | Logged out | Shows signup form, like case (3) [T393459] | Shows login form with warning 'centralauth-warning-reauth' | Does a redirect through the UserLogin case (5), ends up in CreateAccount case (4) after successful login |
| (8) | Special:CreateAccount | Logged out | Logged in | Shows signup form with more options, like case (4) | unchanged | Ideally this would do a redirect through the UserLogin case (6) to make the user resolve this weird situation and end up in CreateAccount case (4), but this turned out to be difficult to implement |
Additionally, there are some cases that do not fit neatly in this table:
- Visiting Special:CreateAccount with a ?returnto=… parameter while logged in on the local domain should be allowed to match MediaWiki core, it currently redirects back to the main page (like case 2). [T392359]
- Visiting any auth-related special page that redirects to the central domain while logged in on the local domain should behave basically like Special:CreateAccount in this table. [T393459]
- If the user is logged into different accounts on the local and central domain, they will probably experience something weird. We do not currently try to handle this case, not sure if we should.
- Actually using the login form while already logged in on either the local or central domain may also result in something weird. We should probably document what exactly happens, but I think changing it is out of scope for now (since you can already experience it by visiting it on the central domain directly).