search

bitfumes / community-project-backend

Check guideline - https://github.com/bitfumes/bitfumes-community-project-guidelines.git
GNU Affero General Public License v3.0
6 stars 4 forks source link

Account verification process #4

Open amitavroy opened 3 years ago

amitavroy commented 3 years ago
  1. Once a user has registered, his/her account status should be in “not_verified” status.
  2. The user should get an email with a verification URL. (email should be sent through a Queue)
  3. When the user clicks on that URL, he will be redirected to the front-end application where the application will take the token from the URL, send it to the API and verify the user.
  4. Once verification is done, the user will be redirected to the login page and should login.
  5. If the user’s account is not verified and the user tried to login, he/she should be taken to a page showing a message that he/she needs to verify account to continue.
  6. There should be a CRON which will run every day at 12 AM and will pick up any inactive account older than 30 days.
ScriptingBeating commented 3 years ago

user should first authenticate before email verification. So I think there is no need for 4th step.

Reference : https://laravel.com/docs/8.x/verification#the-email-verification-handler

amitavroy commented 3 years ago

Hi Mohan, yes you are right. The route which verify the user is behind the auth middleware. So, the flow will change

Let me change the ticket accordingly.

Thanks for pointing this out.