From 96ebbad959bf3a169a2d8911fba585bb61360919 Mon Sep 17 00:00:00 2001
From: Matthew Hodgson <matthew@matrix.org>
Date: Mon, 8 Mar 2021 04:54:44 +0000
Subject: [PATCH] switch UnverifiedSessionToast to route to check sessions
 rather than verify the new login

given the chances are that the new login will be stuck doing initial sync, and won't be in position
to be verified until its finished.
---
 src/i18n/strings/en_EN.json          | 17 +++++++--------
 src/toasts/UnverifiedSessionToast.ts | 31 +++++++++++++++-------------
 2 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/src/i18n/strings/en_EN.json b/src/i18n/strings/en_EN.json
index e8a4b86c77..0b6f68a738 100644
--- a/src/i18n/strings/en_EN.json
+++ b/src/i18n/strings/en_EN.json
@@ -725,7 +725,7 @@
     "Send <UsageDataLink>anonymous usage data</UsageDataLink> which helps us improve %(brand)s. This will use a <PolicyLink>cookie</PolicyLink>.": "Send <UsageDataLink>anonymous usage data</UsageDataLink> which helps us improve %(brand)s. This will use a <PolicyLink>cookie</PolicyLink>.",
     "Yes": "Yes",
     "No": "No",
-    "Review where you’re logged in": "Review where you’re logged in",
+    "You have unverified logins": "You have unverified logins",
     "Verify all your sessions to ensure your account & messages are safe": "Verify all your sessions to ensure your account & messages are safe",
     "Review": "Review",
     "Later": "Later",
@@ -749,7 +749,8 @@
     "Safeguard against losing access to encrypted messages & data": "Safeguard against losing access to encrypted messages & data",
     "Other users may not trust it": "Other users may not trust it",
     "New login. Was this you?": "New login. Was this you?",
-    "Verify the new login accessing your account: %(name)s": "Verify the new login accessing your account: %(name)s",
+    "A new login is accessing your account: %(name)s (%(deviceID)s) from %(IP)s": "A new login is accessing your account: %(name)s (%(deviceID)s) from %(IP)s",
+    "Check your devices": "Check your devices",
     "What's new?": "What's new?",
     "What's New": "What's New",
     "Update": "Update",
@@ -974,7 +975,7 @@
     "Folder": "Folder",
     "Pin": "Pin",
     "Your server isn't responding to some <a>requests</a>.": "Your server isn't responding to some <a>requests</a>.",
-    "From %(deviceName)s (%(deviceId)s)": "From %(deviceName)s (%(deviceId)s)",
+    "From %(deviceName)s (%(deviceId)s) from %(IP)s": "From %(deviceName)s (%(deviceId)s) from %(IP)s",
     "Decline (%(counter)s)": "Decline (%(counter)s)",
     "Accept <policyLink /> to continue:": "Accept <policyLink /> to continue:",
     "Remove": "Remove",
@@ -1711,6 +1712,7 @@
     "Failed to deactivate user": "Failed to deactivate user",
     "Role": "Role",
     "This client does not support end-to-end encryption.": "This client does not support end-to-end encryption.",
+    "Edit devices": "Edit devices",
     "Security": "Security",
     "The session you are trying to verify doesn't support scanning a QR code or emoji verification, which is what %(brand)s supports. Try with a different client.": "The session you are trying to verify doesn't support scanning a QR code or emoji verification, which is what %(brand)s supports. Try with a different client.",
     "Verify by scanning": "Verify by scanning",
@@ -2611,13 +2613,8 @@
     "Decide where your account is hosted": "Decide where your account is hosted",
     "Use Security Key or Phrase": "Use Security Key or Phrase",
     "Use Security Key": "Use Security Key",
-    "Confirm your identity by verifying this login from one of your other sessions, granting it access to encrypted messages.": "Confirm your identity by verifying this login from one of your other sessions, granting it access to encrypted messages.",
-    "This requires the latest %(brand)s on your other devices:": "This requires the latest %(brand)s on your other devices:",
-    "%(brand)s Web": "%(brand)s Web",
-    "%(brand)s Desktop": "%(brand)s Desktop",
-    "%(brand)s iOS": "%(brand)s iOS",
-    "%(brand)s Android": "%(brand)s Android",
-    "or another cross-signing capable Matrix client": "or another cross-signing capable Matrix client",
+    "Verify against another session": "Verify against another session",
+    "Verify this login to access your encrypted messages and prove to others that this login is really you.": "Verify this login to access your encrypted messages and prove to others that this login is really you.",
     "Your new session is now verified. It has access to your encrypted messages, and other users will see it as trusted.": "Your new session is now verified. It has access to your encrypted messages, and other users will see it as trusted.",
     "Your new session is now verified. Other users will see it as trusted.": "Your new session is now verified. Other users will see it as trusted.",
     "Without completing security on this session, it won’t have access to encrypted messages.": "Without completing security on this session, it won’t have access to encrypted messages.",
diff --git a/src/toasts/UnverifiedSessionToast.ts b/src/toasts/UnverifiedSessionToast.ts
index 9dedd2b137..32635e689a 100644
--- a/src/toasts/UnverifiedSessionToast.ts
+++ b/src/toasts/UnverifiedSessionToast.ts
@@ -15,38 +15,36 @@ limitations under the License.
 */
 
 import { _t } from '../languageHandler';
+import dis from "../dispatcher/dispatcher";
 import { MatrixClientPeg } from '../MatrixClientPeg';
 import Modal from '../Modal';
 import DeviceListener from '../DeviceListener';
 import NewSessionReviewDialog from '../components/views/dialogs/NewSessionReviewDialog';
 import ToastStore from "../stores/ToastStore";
 import GenericToast from "../components/views/toasts/GenericToast";
+import { Action } from "../dispatcher/actions";
+import { USER_SECURITY_TAB } from "../components/views/dialogs/UserSettingsDialog";
 
 function toastKey(deviceId: string) {
     return "unverified_session_" + deviceId;
 }
 
-export const showToast = (deviceId: string) => {
+export const showToast = async (deviceId: string) => {
     const cli = MatrixClientPeg.get();
 
     const onAccept = () => {
-        Modal.createTrackedDialog('New Session Review', 'Starting dialog', NewSessionReviewDialog, {
-            userId: cli.getUserId(),
-            device: cli.getStoredDevice(cli.getUserId(), deviceId),
-            onFinished: (r) => {
-                if (!r) {
-                    /* This'll come back false if the user clicks "this wasn't me" and saw a warning dialog */
-                    DeviceListener.sharedInstance().dismissUnverifiedSessions([deviceId]);
-                }
-            },
-        }, null, /* priority = */ false, /* static = */ true);
+        DeviceListener.sharedInstance().dismissUnverifiedSessions([deviceId]);
+        dis.dispatch({
+            action: Action.ViewUserSettings,
+            initialTabId: USER_SECURITY_TAB,
+        });
     };
 
     const onReject = () => {
         DeviceListener.sharedInstance().dismissUnverifiedSessions([deviceId]);
     };
 
-    const device = cli.getStoredDevice(cli.getUserId(), deviceId);
+    const device = await cli.getDevice(deviceId);
 
     ToastStore.sharedInstance().addOrReplaceToast({
         key: toastKey(deviceId),
@@ -54,8 +52,13 @@ export const showToast = (deviceId: string) => {
         icon: "verification_warning",
         props: {
             description: _t(
-                "Verify the new login accessing your account: %(name)s", { name: device.getDisplayName()}),
-            acceptLabel: _t("Verify"),
+                "A new login is accessing your account: %(name)s (%(deviceID)s) from %(IP)s", {
+                        name: device.display_name,
+                        deviceID: deviceId,
+                        IP: device.last_seen_ip,
+                    }
+            ),
+            acceptLabel: _t("Check your devices"),
             onAccept,
             rejectLabel: _t("Later"),
             onReject,