Closed osopromadze closed 4 years ago
We didn't address the fact that this approach allows non verified users to login and do everything as a normal user.
Oh, you're right. There were no changes to the login function and, well, the issue was not so clearly written since it did not specify what a deactivated account means. I'll create a new issue for that.
@osopromadze, would you be interested to also do the frontend part? icebreaker-science/frontend#33
@chaoran-chen with pleasure, but at this moment have no time for it, if someone does it, great, and if not I will do when I find free moment
Fixes #37
Created account_confirmation table where is stored token to confirm email. Added methods to AccountController to handle confirmation requests. Added isEnabled field to Account which is false for default and after confirmation turns to true.