Is your feature request related to a problem? Please describe.
In order to add validation=mail or validation=admin feature, we'll need to use the state column from profile table in order to save the current user account state.
Describe the solution you'd like
There should be 3 differents states for now :
pending_validation - When creating a new account using validation=mail|admin, new user should be set to this state
disabled - validation=mail|admin|none|undefined. Account is disabled and request access token should return an error on sign-in
enabled - validation=mail|admin|none|undefined. Normal state, user should be able to access the resource he can. When a user is created using validation=none|undefined, this should be the default state?.
In case of validation=mail, user will be updated from user_account_state=pending_validation to user_account_state=enabled using a mail
In case of validation=admin, user will be updated from user_account_state=pending_validation to user_account_state=enabled by the administrator
Since this enhancement is actually a prevision for validation=mail implementation, we can also add an user_account_state_updated_at in order to set a time-to-live to the (future) activation link.
user_account_state should be a varchar(20)user_account_state_updated_at should be a datetime(3)
@Todo
[x] We'll need to update the database to add those columns, and set a default value to user_account_state=enabled for existing users
[x] We'll need to add sign-in validation (Check if user_account_state=enabled before forging an access token) for validation=*
[x] We'll need to add sign-up validation (Create new user with user_account_state=pending_validation if validation=mail|admin, otherwise user_account_state=enabled)
[x] We'll need to add/edit admin user interface in order to set user_account_state value (In order to set user_account_state=enabled|disabled if needed)
User account state validation signup/signin
Is your feature request related to a problem? Please describe. In order to add
validation=mail
orvalidation=admin
feature, we'll need to use the state column from profile table in order to save the current user account state.Describe the solution you'd like There should be 3 differents states for now :
pending_validation
- When creating a new account usingvalidation=mail|admin
, new user should be set to this statedisabled
-validation=mail|admin|none|undefined
. Account is disabled and request access token should return an error on sign-inenabled
-validation=mail|admin|none|undefined
. Normal state, user should be able to access the resource he can. When a user is created usingvalidation=none|undefined
, this should be the default state?.In case of
validation=mail
, user will be updated fromuser_account_state=pending_validation
touser_account_state=enabled
using a mail In case ofvalidation=admin
, user will be updated fromuser_account_state=pending_validation
touser_account_state=enabled
by the administratorSince this enhancement is actually a prevision for
validation=mail
implementation, we can also add anuser_account_state_updated_at
in order to set a time-to-live to the (future) activation link.user_account_state
should be avarchar(20)
user_account_state_updated_at
should be adatetime(3)
@Todo
user_account_state=enabled
for existing usersuser_account_state=enabled
before forging an access token) forvalidation=*
user_account_state=pending_validation
ifvalidation=mail|admin
, otherwiseuser_account_state=enabled
)user_account_state
value (In order to setuser_account_state=enabled|disabled
if needed)