dsclassen
commented
3 months ago What new attributes will be needed in the bilbomd-mongodb-schema to support these actions?
Closed shrprabh closed 2 months ago
dsclassen
commented
3 months ago What new attributes will be needed in the bilbomd-mongodb-schema to support these actions?
shrprabh
commented
3 months ago We need these three attributes to support the email change feature:
I will be using these attributes on the user entity. I will update you if I need any additional variables for the delete account feature.
For the delete account feature, should we display a warning modal, and after the user clicks 'OK', move the account to an inactive state, or should we introduce a new variable for verification before deletion?
shrprabh
commented
3 months ago Working on implementing email verification and would like to outline the steps involved:
MongoDB Schema Access: I need access to the MongoDB schema to add three new fields required for the email verification process.
Impact Assessment: I will review the current schema and codebase to ensure that adding these fields will not impact any existing functionalities.
Schema Update: If there are no issues, I will proceed with updating the schema and implementing the necessary changes.
API Development: I have started creating the three APIs for email verification. Once completed, I will update our account UI to reflect these changes. API End Points:
/users/resend-otp /users/verify-otp /users/resend-otp
Testing: I may need a dummy email account for local testing to verify that the email verification process works as expected.
dsclassen
commented
3 months ago I think we should be able to reuse confirmationCode for emailVerificationOtp and emailVerificationOtpExpires:
confirmationCode: {
code: {
type: String
},
expiresAt: {
type: Date,
expires: '2m',
index: { expireAfterSeconds: 0 }
}
},These fields are currently only being used for the new user registration and we should be able to re-use them when a user wants to change their email address.
dsclassen
commented
3 months ago The current API has an endpoint to delete users available at DELETE to /api/v1/users/:id
But I think we decided it would be easier to use username instead of id?
dsclassen
commented
3 months ago We also have an API endpoint to update a user available at PATCH to /api/v1/users and in the body send:
{ id, username, roles, active, email }I wanted to update you on the recent changes I've made:
Email Change Feature: I've utilized the existing schema's confirmationCode feature for the OTP verification instead of adding new fields. The only new addition is the previousEmail field, which I think is necessary and beneficial for tracking email changes.
Delete User API: We’ll be using the username in the API endpoint instead of the id, as we previously discussed.
Currently, I'm unable to validate the email locally, but I can generate, store, and verify the OTPs. I'll need credentials related to email services to proceed further with email validation. Once that's sorted, I'll share the UI design before integration.
dsclassen
commented
3 months ago Are you going to update deleteUser to handle both id and username or create a new handler function called deleteUserbyUsername? or something else?
shrprabh
commented
3 months ago I will be updating the existing deleteUser function rather than creating a new handler to handle both id and username.
Create two APIs with the following functionalities:
Delete User Account: An API that takes a username as input and deletes the corresponding user account after verification. Change Email Address: An API that allows users to change their email address after verification. This involves sending a request for an OTP (One-Time Password), which the user must enter to confirm and update their email address. Description:
Delete User Account API:
Change Email Address API:
This will be associated with https://github.com/bl1231/bilbomd-ui/issues/10