Implement email verification for users

[Radhikadua123]

Right now we don't have any kind of email verification. User can register using any email, user can change his/her email and then just use the account. He/she won't have to confirm their emails to do any actions. This can exploited by users for spamming too.

So, this is parent issue describing all the smaller bugs which needs to be fixed to successfully add email verification system. This implementation corresponds to my second approach here: #3522 (comment)

• Implement helper function to encrypt/decrypt data
• Implement helper function to generate and validate unique token for user Implement helper function to generate/validate unique token for user #3848
• Add is_verified to user model with default value False Add is_verified to user model with default value False #3849
• Send verification email to the user on signup Send verification email to the user on signup #3850
• Flash message and button to send email again if email not verified Flash message and button to send email again if email not verified #3851
• Implement helper function has_email_verified Implement helper function has_email_verified #3852
• Disable write operations on pages if user not verified Disable write operations on pages if user not verified #3853

Optional:

• Add redis database to docker and connect it with application
• Implement expiry for the validation link

@jywarren Should I create separate issues for each of them or this much breaking is enough and easy to understand ?

[welcome]

Thanks for opening your first issue! This space is protected by our Code of Conduct - and we're here to help.
Please follow the issue template to help us help you 👍🎉😄
If you have screenshots or a gif to share demonstrating the issue, that's really helpful! 📸

[jywarren]

this is amazingly well broken up! Where did you learn this workflow -- it's one we've tried to be good at, but it's tough! See our posts at https://publiclab.org/software-outreach

I think you can do them all yourself in this issue if you want. But if you'd like to prepare one or two for others to get involved in, breaking them out into well-documented distinct issues can help. But it's up to you! Thank you!

[Radhikadua123]

this is amazingly well broken up! Where did you learn this workflow -- it's one we've tried to be good at, but it's tough!

Thanks a lot! @jywarren ^_^
Actually I only know general web development stuff and I thought lot about the way it should be implemented and then tried to split it into smaller tasks. But I'm quite less aware of Ruby on Rails internals. I'm continuously trying to learn more about it from the code base.

See our posts at https://publiclab.org/software-outreach

Sure, I'll check it out.

I think you can do them all yourself in this issue if you want. But if you'd like to prepare one or two for others to get involved in, breaking them out into well-documented distinct issues can help.

Yeah, splitting task into well-documented distinct issues on which others can work easily sounds better idea to me. By this, more people can get involved in the project.

[jywarren]

👍🏽👍🏽👍🏽

…

On Sat, Oct 27, 2018, 8:59 AM Radhika Dua ***@***.*** wrote: this is amazingly well broken up! Where did you learn this workflow -- it's one we've tried to be good at, but it's tough! Thanks a lot! @jywarren <https://github.com/jywarren> ^_^ Actually I only know general web development stuff and I thought lot about the way it should be implemented and then tried to split it into smaller tasks. But I'm quite less aware of Ruby on Rails internals. I'm continuously trying to learn more about it from the code base. See our posts at https://publiclab.org/software-outreach Sure, I'll check it out. I think you can do them all yourself in this issue if you want. But if you'd like to prepare one or two for others to get involved in, breaking them out into well-documented distinct issues can help. Yeah, splitting task into well-documented distinct issues on which others can work easily sounds better idea to me. By this, more people can get involved in the project. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#3798 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AABfJ-1A_vSvHjaV1r5d2KqIzJqloAFMks5upFiigaJpZM4X8a6Y> .

[shubhangi-chauhan]

Could I take this up? 😃

[Radhikadua123]

@shubhangi-chauhan Sure, feel free to work on it. I'll add new well documented issues and link them here today.

[shubhscoder]

I would like to work on this, if anyone has'nt taken this issue. :)

[Radhikadua123]

I have split up this issue into separate issues. Everyone please feel free to take subparts of this issue!

[faithngetich]

@Radhikadua123 can they all be worked on by different people at a different time or one issue does not block the other?

[Radhikadua123]

Hi @faithngetich,

Actually lot of them depend on the previous tasks. But initial tasks like Implement helper function to generate and validate unique token for user and Add is_verified to user model with default value False can be done in parallel.

[faithngetich]

Thanks @Radhikadua123

I see they've all been worked on.

[SidharthBansal]

@Radhikadua123 really you did a great job in breaking the stuff into chunks.

[Radhikadua123]

Thanks a lot! @SidharthBansal

[Radhikadua123]

@faithngetich May be you can work on something else ?

In case you need help in search of appropriate task, I can try finding one for you.

[SidharthBansal]

Something really great going on here. Sorry I missed it. I was going to raise an issue for this but this issue has already been created.

[SidharthBansal]

Thanks @Radhikadua123