Whenever a new user is created, a confirmation email is sent to verify that account. Only after email confirmation, that account can use the routes protected by '@login_required'.
Modified the user model class to have an 'is_verified' property that is false by default.
Modified the '@login_required' decorator to also block requests by user with 'is_verified' = false.
Confirmation of the email sets 'is_verified' = true.
Fixes #140
Type of change
[x] New feature (non-breaking change which adds functionality)
How Has This Been Tested?
Create a new user. Log in and try accessing protected routes. Then confirm the account and try again.
Test Configuration:
Windows 10
Google Chrome
Postman
Checklist:
[x] My code follows the style guidelines of this project
[x] I have performed a self-review of my own code
[x] I have commented my code, particularly in hard-to-understand areas
[ ] I have made corresponding changes to the documentation
[x] My changes generate no new warnings
[ ] I have added tests that prove my fix is effective or that my feature works
[x] New and existing unit tests pass locally with my changes
[ ] Any dependent changes have been merged and published in downstream modules
Description
PR consists of the following changes -
Fixes #140
Type of change
How Has This Been Tested?
Create a new user. Log in and try accessing protected routes. Then confirm the account and try again.
Test Configuration:
Checklist: