Email verification (including business logic)

Description

As Adam I want the user to verify that (s)he own the email that (s)he has provided.

Acceptance Criteria

  • When a new user is created with an email address, then the system will send an email requesting verification to the new user. (The system doesn't require an email address when creating a user.)

  • After email is changed by the user or by the administrator, an email is sent requiring the user to verify their email address.

  • When an existing email is changed to a new email, then the old email will be used for notifications until the new email address has been verified.

    • There is a visual indication showing the email address that is verified (in this case the old email address) and an email address has been changed and is pending verification.

  • The verification email title:

    •  

      1 Verify Your Email Address

      (most likely the first option as this mimic what we do for other user related emails)

    •  

      1 OpenLMIS - Verify Your Email Address
  • The sent email content:

    1 2 To verify your email address visit the following link: https://test.openlmis.org/users/auth/verifyEmail/s0m3WeirdT0k3n
  • When an email has been verified, the Email Verified checkbox in user details is updated as checked.

  • If the verification email is sent and not verified by the user within 12 hours of being sent then the email will expire.

Tasks:

  • New POST /users/auth/verifyEmail endpoint is added

Status

Assignee

Łukasz Lewczyński

Reporter

Sam Im

Story Points

5

Time tracking

60h

Epic Link

Sprint

None

Fix versions

Priority

Major