Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DRAFT] Re-issue existing confirmation code for self registration and ask-pasword flows. #730

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

[DRAFT] Re-issue existing confirmation code for self registration and ask-pasword flows. #730

wants to merge 1 commit into from

Conversation

UdeshAthukorala
Copy link
Contributor

@UdeshAthukorala UdeshAthukorala commented Jul 18, 2023
edited
Loading

Proposed changes in this pull request

We have previously implemented a feature[1][2] to Re-issue Existing Password Recovery Confirmation Code in password reset flow within a time period. That time period was decided based on the below toml config.

[identity_mgt.password_reset_email]
confirmation_code_tolerance_period=3

We have a similar requirement to send the same account confirmation link(same confirmation code) when a user tries to resend the activation link multiple times within a specified time period. This activation link can be a PENDING_AP user activation link(Ask Password Flow) or a PENDING_SR user activation link(Self Registration Flow).

With this Draft PR I have improved the previously done feature to provide the support to Re-issue Confirmation Code in Ask Password flow & Self registration flow within a time period. That time period was decided a based on the above same toml config.

TO-DO

  • Decide the recovery flows which support to re-issue Existing confrimation codes based on a config
  • Decide whether are we going to use the same toml config to configure to specify confirmation_code_tolerance_period

Tests

  • Need to Create

Documentation

  • Need to Create

References

@UdeshAthukorala
Copy link
Contributor Author

We had a discussion today and decided to give this re-issue same confirmation code for a given period feature for Self Registration, Ask Password, Username recovery flows as well.

And also decided to maintain separate configs to decide the tolerance time period for each flow.

  1. For Self Registration

    [identity_mgt.user_self_registration]
confirmation_code_tolerance_period=3

  2. For Ask Password Flow

    [identity_mgt.user_onboarding]
ask_password_confirmation_code_tolerance_period=3

  3. For Username recovery

    [identity_mgt.username_recovery.email]
confirmation_code_tolerance_period=3

@UdeshAthukorala UdeshAthukorala marked this pull request as draft January 29, 2024 05:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@UdeshAthukorala