Closed dsclassen closed 1 month ago
Given that we use one-time passcodes (OTPs) sent to the user's email address instead of traditional passwords, handling changes to the email address involves additional considerations to maintain security and integrity. Here's how you can approach it:
Since your application relies on email-based authentication, changing the email address is a sensitive action that should be carefully verified.
Initiate Email Change: When a user requests to change their email, require them to enter the new email address and possibly re-enter their current email for confirmation.
Send OTP to Current Email: To verify the intention and confirm the identity of the requester, send an OTP to the user's current email address. This step ensures that the email change request is initiated by the legitimate account owner.
Verification of Current Email: Require the user to enter the OTP sent to their current email address to proceed with the email update process.
Before finalizing the email change, verify the ownership of the new email address.
Send OTP to New Email: Once the user has verified their current email, send an OTP to the new email address to confirm its ownership.
Enter OTP From New Email: Require the user to enter the OTP sent to the new email address. Successfully entering the OTP confirms the user's control over the new email.
Upon successful verification of both the current and new email addresses, proceed with the email update and consider the security implications.
Invalidate Existing Sessions: Since the authentication mechanism is tied to email addresses, change the email in your database and invalidate any existing sessions or OTPs that were issued based on the old email address. This step prevents access from any session that may have been hijacked or is no longer valid due to the email change.
Issue New OTP for New Email: After updating the email address in your database, issue a new OTP to the new email address. This serves as a re-authentication step and ensures that the user can only access the account if they have control over the new email address.
Notify Both Emails: Send a notification to both the old and new email addresses about the change. This notification should include instructions on what to do if the email change was not authorized by the user.
Security Measures: Implement additional security measures, such as rate limiting OTP requests and email change attempts, to prevent abuse of the email change process.
User Experience: Clearly communicate each step of the email change process to the user, including why certain verifications are necessary. Aim to make the process as seamless as possible while maintaining security.
Recovery Options: Consider providing a secure method for users to revert the email change if it was done in error or without their consent, especially during a grace period after the change.
This approach ensures that email changes are handled securely, respecting the importance of email addresses in your authentication flow and protecting user accounts from unauthorized access or modifications.
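A minimal server-side model of the flow described above (an added example, not code from bilbomd-backend): the current address is verified first, then the new one, and only the final step updates the address, invalidates sessions and outstanding codes, and notifies both addresses. The `Account` class, the injected `send_email` callable and the TTL and attempt-limit constants are assumptions.

```python
import hmac, secrets, time
from dataclasses import dataclass, field

OTP_TTL_SECONDS = 600   # an OTP is only valid for ten minutes (assumed value)
MAX_ATTEMPTS = 5        # wrong guesses allowed before the whole change is cancelled

@dataclass
class Account:
    email: str
    sessions: set = field(default_factory=set)   # active session ids
    pending: dict = field(default_factory=dict)  # state of an in-flight email change

class EmailChangeFlow:
    def __init__(self, send_email, now=time.time):
        self.send_email = send_email  # callable(to, subject, body); a stub in tests
        self.now = now

    def _issue(self, acct, stage, to):
        code = f"{secrets.randbelow(10**6):06d}"
        acct.pending.update(stage=stage, code=code, expires=self.now() + OTP_TTL_SECONDS, tries=0)
        self.send_email(to, "Your verification code", code)

    def _check(self, acct, stage, code):
        p = acct.pending
        if p.get("stage") != stage or self.now() > p["expires"]:
            return False          # wrong step, no change in progress, or code expired
        p["tries"] += 1
        if p["tries"] > MAX_ATTEMPTS:
            acct.pending = {}     # too many guesses: the user must start over
            return False
        return hmac.compare_digest(p["code"], code)  # constant-time comparison

    def request_change(self, acct, new_email):
        acct.pending = {"new_email": new_email}
        self._issue(acct, "current", acct.email)     # step 1: OTP to the current address

    def verify_current(self, acct, code):
        if not self._check(acct, "current", code):
            return False
        self._issue(acct, "new", acct.pending["new_email"])  # step 2: OTP to the new address
        return True

    def verify_new(self, acct, code):
        if not self._check(acct, "new", code):
            return False
        old, new = acct.email, acct.pending["new_email"]
        acct.email = new
        acct.sessions.clear()   # invalidate every session issued under the old address
        acct.pending = {}       # and any OTP still outstanding
        for addr in (old, new):  # notify both; the next login issues a fresh OTP to `new`
            self.send_email(addr, "Email address changed", f"{old} -> {new}")
        return True
```

The notification body should also carry the "this wasn't me" instructions the issue calls for; the stub above only records who was told.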
Working on this issue will also require changes to bilbomd-backend, where all the email is sent from.
Update on '10-add-a-user-account-page' branch Completed: Merged the latest changes from the main branch into the '10-add-a-user-account-page' branch to stay in sync (as of July 3, 2024).
Next steps:
for users to edit their email address or username or delete their own account.