Bỏ qua để đến nội dung
DOL Wiki

EVT 2026-02-20 - Stage A Auth Intent Lock Scope, Lock Reset, and Reopen Cooldown Finalization

DomainsDOL EnglishProduct161 words1 min read
active

Session scope

Phần tiêu đề “Session scope”

Close the remaining Stage A execution details after DEC-0063 so auth behavior is consistent across signup/login/recovery and protected attempt entry.

Confirmed outcomes

Phần tiêu đề “Confirmed outcomes”
  1. OTP lock scope:
  • Lock is scoped per auth intent.
  • Lock in one intent does not block OTP flows in other intents.
  • Within the same locked intent, channel-switch bypass is still blocked.
  1. OTP counter reset:
  • After lock window ends, OTP wrong-attempt counter resets to 0.
  1. Invalid/expired return fallback precision:
  • Fallback order is explicit:
    • nearest valid route in same skill/program context first,
    • program-level fallback second,
    • Home only as final fallback.
  1. Attempt-start auth gate reopen behavior:
  • After user dismisses gate, rapid re-open spam is throttled by short cooldown.
  • During cooldown, protected action is not started.
  1. Reset-success prefill source:
  • On forgot-password success, login prefill uses the exact identity channel completed in the reset flow.

Open items carried forward

Phần tiêu đề “Open items carried forward”
  • None for this refinement batch.