Closed vsudilov closed 9 years ago
clarification: POST to the change email endpoint is a no-op (except to send the verification email).
Visiting GET with a correctly decoded link will result in:

```python
u = db.session.query(Users).filter_by(uid=uid)  # uid should be decoded from the payload
u.update(email=new_email)
```
Consensus is to implement the above, and additionally send a courtesy notification to the current email.
In the current implementation, a user can change their email to one to which they do not have access, thus locking themselves out of their account.
The most straightforward fix is to not perform the `user.update(email=new_email)` procedure until the new email has been verified. In this way, the change email workflow is a no-op until they visit the new email's verification link.
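The workflow agreed on above (POST only sends the verification mail; the account is updated only when the signed link is visited; the previous address gets a courtesy notification), as an added example that is not part of this issue or the project's code. It assumes an HMAC-signed token carrying `uid`, the new address and an issue time, an in-memory `users` dict standing in for `db.session.query(Users)`, and a `sent` list standing in for the mailer; the signing key, TTL and the fixture user are constructed values.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed example: a hypothetical change-email workflow. The dict below
# stands in for the Users table; `sent` collects (recipient, subject, body).
SECRET = b"example-signing-key-not-for-production"  # assumed, constructed
TOKEN_TTL = 3600  # seconds a verification link stays valid (assumed)

users = {1: {"uid": 1, "email": "old@example.com"}}  # constructed fixture
sent = []


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def make_token(uid: int, new_email: str, now: Optional[float] = None) -> str:
    """Sign (uid, new_email, issued_at) so the GET link can neither be forged
    nor retargeted to another address or another account."""
    payload = json.dumps({"uid": uid, "email": new_email,
                          "iat": int(now if now is not None else time.time())}).encode()
    sig = hmac.new(SECRET, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(sig)


def decode_token(token: str, now: Optional[float] = None) -> Optional[dict]:
    """Return the payload if the signature is valid and unexpired, else None."""
    try:
        p64, s64 = token.split(".", 1)
        payload, sig = _unb64(p64), _unb64(s64)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(SECRET, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    data = json.loads(payload)
    current = now if now is not None else time.time()
    if current - data["iat"] > TOKEN_TTL:
        return None
    return data


def request_email_change(uid: int, new_email: str) -> str:
    """POST handler: no change to the account; only the verification mail goes out."""
    token = make_token(uid, new_email)
    sent.append((new_email, "Verify your new email",
                 "Visit /verify/%s to confirm this address" % token))
    return token


def verify_email_change(token: str) -> bool:
    """GET handler: apply the change only for a valid, unexpired link, then
    notify the previous address as a courtesy."""
    data = decode_token(token)
    if data is None:
        return False
    user = users.get(data["uid"])
    if user is None:
        return False
    old_email = user["email"]
    user["email"] = data["email"]  # the equivalent of u.update(email=new_email)
    sent.append((old_email, "Your email was changed",
                 "Account email changed from %s to %s" % (old_email, data["email"])))
    return True
```

Because the account row is untouched until `verify_email_change` succeeds, a mistyped or inaccessible address leaves the user logged in with their old email; the courtesy mail to the old address is what gives the real owner a chance to notice an unwanted change.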