Recreation of an Existing Candidature

[michaellaunay]

Current Situation

• If an existing application is recreated, the user is directly redirected to the corresponding state, which represents a security flaw.

Proposed Solution

1. Uniqueness Check: Before creating a new application, check if a similar application already exists.
2. Secure Redirection: If an existing application is detected, do not directly redirect the user. Instead, resend the last email and request to follow the link in the email.
3. Information Message: Provide an explicit message indicating why the creation of the application is not allowed.

Mail Resending Solution Details

• If a user attempts to recreate an existing application that is not in the APPROVED or REJECTED state, then resend the last email with the link to follow to resume from where they left off, and notify on the portal that they should follow the link it contains.

[michaellaunay]

Implemented: The connection is forcibly closed at the beginning of the registration process to prevent any token reuse.