Skip to content

Activation for new user accounts #22

New issue
New issue
Open
Open
Activation for new user accounts#22
Assignees
jpchip
@sbrudz

Description

@sbrudz
sbrudz
opened on Dec 5, 2018

As an admin, I want users to activate their account via a link in an email to prevent fraudulent accounts.

  • When a user registers for a new account, they should be taken to an Account Created page at the url /account-created
  • Within 2 minutes after creating their account, they should receive an email with a verification link. See below for more details.
  • The Account Created page should state:
You’re almost done! We sent an activation mail to <their email>. Please follow the instructions in the mail to activate your account.

If it doesn’t arrive, check your spam folder.
  • The page should have a "Resend Activation Email" button. Clicking this button should re-send the activation email.
  • If the "Resend Activation Email" button is clicked more than three times in an hour, the system will display an error message stating: "Too many attempts to resend the activation email in a short period of time, please try again in X minutes". Use a library like express-brute to enable this.
  • On the Log In page, if the user has not activated their account and they try to log in, they should see a message stating: "You can't log in yet. We previously sent an activation email to you at . Please follow the instructions in that email to activate your account." There should be a button below that which says "Resend Activation Email" which will trigger sending a new activation email.
  • The activation email should contain the following text:
Click the following link to confirm and activate your new account:
<activation link>

If the above link is not clickable, try copying and pasting it into the address bar of your web browser.
  • The activation link should contain the url segment /activate-account plus a UUID token
  • Clicking the activation link should take the user to the Activate Account page which has a button labelled "Activate My Account"
  • Clicking the Activate My Account button will activate the user's account and display a message to them stating: "Your account is now confirmed." They will then be directed to their list of To Dos.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions