Skip to content

Add user unconfirmed user deletion info to signup flow pages/emails

Jessie Young requested to merge jy-minimal-frontend-delete-user into master

What does this MR do and why?

  • On page after sign up complete
  • In confirmation email
  • Easier to say "please confirm within N days" than to give a time because we do not know the timezone of the user yet for this flow. The job that deletes users looks for N full days (N * 24 hours) time to have elapsed before deleting the unconfirmed user.
  • Partially addresses #415420
  • Behind an additional feature flag for frontend because we want to rollout the backend before rolling out the frontend. More context here: #352514 (comment 1446420501)

Screenshots or screen recordings

Post sign-up page with Arkose enabled (this is what SaaS users will see)

Screenshot_2023-08-02_at_4.49.15_PM

Confirmation email text format with Arkose enabled

Screenshot_2023-08-02_at_4.50.49_PM

Confirmation email HTML format with Arkose enabled

Screenshot_2023-08-02_at_4.50.40_PM

Post sign-up page

Screenshot_2023-06-22_at_2.18.29_PM

Confirmation email text format

Screenshot_2023-06-22_at_2.18.10_PM

Confirmation email HTML format

Screenshot_2023-06-22_at_2.18.05_PM

How to set up and validate locally

Regular sign-up flow (this feature requires a Premium or Ultimate license)

  1. In a console, enable required settings

    Feature.enable(:delete_unconfirmed_users_setting)
    Feature.enable(:delete_unconfirmed_users_frontend_setting)
    Gitlab::CurrentSettings.update(delete_unconfirmed_users: true)
    Gitlab::CurrentSettings.update(unconfirmed_users_delete_after_days: 30)
    Gitlab::CurrentSettings.update(email_confirmation_setting: 'hard')
  2. Visit https://gdk.test:3443/users/sign_up and sign up

  3. Post-signup page should include notice that the account will be deleted in 30 days if not confirmed

  4. Visit https://gdk.test:3443/rails/letter_opener/ and see same text in confirmation emails

Arkose sign-up flow:

  1. In a console, enable required settings. (the Arkose Labs public and private API keys can be found in the 1Password Engineering Vault entry named ArkoseLabs API keys > GITLAB - DEVELOPMENT - REGISTRATION FLOW)

    Feature.enable(:identity_verification)
    Feature.enable(:arkose_labs_signup_challenge)
    ApplicationSetting.current.update(arkose_labs_public_api_key: ***, arkose_labs_private_api_key: ***, arkose_labs_namespace: 'client')
  2. Visit https://gdk.test:3443/users/sign_up and sign up

  3. Once you've signed up, you will see a blue banner that says "You must confirm you email within 30 days..."

  4. Visit https://gdk.test:3443/rails/letter_opener/ and see same text in confirmation emails

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Jessie Young

Merge request reports

Loading