Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Activation for new user accounts #22

Open
sbrudz opened this issue Dec 5, 2018 · 0 comments
Open

Activation for new user accounts #22

sbrudz opened this issue Dec 5, 2018 · 0 comments
Assignees
@jpchip

Comments

@sbrudz
Copy link
Contributor

sbrudz commented Dec 5, 2018

As an admin, I want users to activate their account via a link in an email to prevent fraudulent accounts.

  • When a user registers for a new account, they should be taken to an Account Created page at the url /account-created
  • Within 2 minutes after creating their account, they should receive an email with a verification link. See below for more details.
  • The Account Created page should state:
You’re almost done! We sent an activation mail to <their email>. Please follow the instructions in the mail to activate your account.

If it doesn’t arrive, check your spam folder.
  • The page should have a "Resend Activation Email" button. Clicking this button should re-send the activation email.
  • If the "Resend Activation Email" button is clicked more than three times in an hour, the system will display an error message stating: "Too many attempts to resend the activation email in a short period of time, please try again in X minutes". Use a library like express-brute to enable this.
  • On the Log In page, if the user has not activated their account and they try to log in, they should see a message stating: "You can't log in yet. We previously sent an activation email to you at . Please follow the instructions in that email to activate your account." There should be a button below that which says "Resend Activation Email" which will trigger sending a new activation email.
  • The activation email should contain the following text:
Click the following link to confirm and activate your new account:
<activation link>

If the above link is not clickable, try copying and pasting it into the address bar of your web browser.
  • The activation link should contain the url segment /activate-account plus a UUID token
  • Clicking the activation link should take the user to the Activate Account page which has a button labelled "Activate My Account"
  • Clicking the Activate My Account button will activate the user's account and display a message to them stating: "Your account is now confirmed." They will then be directed to their list of To Dos.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jpchip jpchip

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jpchip @sbrudz @aperinovic