Is your feature request related to a problem? Please describe.
In order to add validation=mail or validation=admin feature, we'll need to use the state column from profile table in order to save the current user account state.
Describe the solution you'd like
There should be 3 differents states for now :
pending_validation - When creating a new account using validation=mail|admin, new user should be set to this state
disabled - validation=mail|admin|none|undefined. Account is disabled and request access token should return an error on sign-in
enabled - validation=mail|admin|none|undefined. Normal state, user should be able to access the resource he can. When a user is created using validation=none|undefined, this should be the default state?.
In case of validation=mail, user will be updated from user_account_state=pending_validation to user_account_state=enabled using a mail
In case of validation=admin, user will be updated from user_account_state=pending_validation to user_account_state=enabled by the administrator
Since this enhancement is actually a prevision for validation=mail implementation, we can also add an user_account_state_updated_at in order to set a time-to-live to the (future) activation link.
user_account_state should be a varchar(20)user_account_state_updated_at should be a datetime(3)
@Todo
[x] We'll need to update the database to add those columns, and set a default value to user_account_state=enabled for existing users
[x] We'll need to add sign-in validation (Check if user_account_state=enabled before forging an access token) for validation=*
[x] We'll need to add sign-up validation (Create new user with user_account_state=pending_validation if validation=mail|admin, otherwise user_account_state=enabled)
[x] We'll need to add/edit admin user interface in order to set user_account_state value (In order to set user_account_state=enabled|disabled if needed)
User account state validation signup/signin
Is your feature request related to a problem? Please describe. In order to add
validation=mailorvalidation=adminfeature, we'll need to use the state column from profile table in order to save the current user account state.Describe the solution you'd like There should be 3 differents states for now :
pending_validation- When creating a new account usingvalidation=mail|admin, new user should be set to this statedisabled-validation=mail|admin|none|undefined. Account is disabled and request access token should return an error on sign-inenabled-validation=mail|admin|none|undefined. Normal state, user should be able to access the resource he can. When a user is created usingvalidation=none|undefined, this should be the default state?.In case of
validation=mail, user will be updated fromuser_account_state=pending_validationtouser_account_state=enabledusing a mail In case ofvalidation=admin, user will be updated fromuser_account_state=pending_validationtouser_account_state=enabledby the administratorSince this enhancement is actually a prevision for
validation=mailimplementation, we can also add anuser_account_state_updated_atin order to set a time-to-live to the (future) activation link.user_account_stateshould be avarchar(20)user_account_state_updated_atshould be adatetime(3)@Todo
user_account_state=enabledfor existing usersuser_account_state=enabledbefore forging an access token) forvalidation=*user_account_state=pending_validationifvalidation=mail|admin, otherwiseuser_account_state=enabled)user_account_statevalue (In order to setuser_account_state=enabled|disabledif needed)