On Mon, Jan 18, 2021 at 07:15 PM, Mark Fletcher wrote:
At first blush, Bruce's proposal makes sense to me, although I'd just add one change: just make the Vote Now link work the same way as an 'email me a login link' works now. It would automatically log you in if you weren't already logged in.
No, that would be terrible :-) because it means that if people forward this poll to other people, then those other people can log in to the original forwarder's account by clicking that link.
I can't think of a simple way to solve this problem. Here is one workflow that might work (but it may be complex to implement):
If the "Vote now" button can be made account-specific (or unique for every e-mail that is sent), then if someone clicks the link, Groups.io can identify the account holder even if the person is not logged in. Then, when a person clicks the link, Groups.io first checks if the browser is logged in, and if so, directs the person to the poll (without checking whether the account that is logged in is the same as the person who clicked the link). If the browser is NOT logged in, then Groups.io determines who the account holder is (from the link's unique ID) and then shows a page saying "Thanks for your interest in this poll. Only group members may vote in this poll. An e-mail has been sent to <your@...> to help confirm your identity. If this is not your mail address, please visit *this* page to log in." (and the person is automatically sent a login link).
This would solve the issue of forwarding. If the mail is forwarded to someone who can also vote, and they are logged in, then that person will vote under their own name. If the mail is forwarded to someone who can't vote, then that person will get the "thanks for your interest" message (and eventually figure out for themselves that they can't vote).
One downside is that the e-mail address of the person who forwarded the message is shown on the "thanks for your interest" page. This is a potential privacy issue, since an account holder may forward the poll without realising that their e-mail address will be shown to any recipient of that forwarded poll. One can make the "thanks for your interest" page *without* the person's e-mail address, but then you have to explain to the reader that they won't receive the login link if they're not the original recipient of the poll notification, and that's going to be complicated.