Show users they have completed identity verification
What does this MR do and why?
- Resolves https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/347
- From our logs, we are seeing that users navigate back to the identity verification page even after they have verified their identity, but they tend to get confused because we don't show a verified state.
- So, to solve this, if a user presses the back-button on their browser, we will show them that they have completed identity verification.
- If they try to access the
users/identity_verification
path directly, then we will redirect them to their dashboard.
Screenshots or screen recordings
Before | After |
---|---|
before | after |
How to set up and validate locally
- Turn on feature flag
Feature.enable(:arkose_labs_signup_challenge)
Feature.enable(:identity_verification)
- Update application setting to turn on verification
ApplicationSetting.first.update(require_admin_approval_after_user_signup: false, email_confirmation_setting: "hard")
- Get credentials from 1Password to connect to our external services
ApplicationSetting.first.update(arkose_labs_public_api_key: XX, arkose_labs_private_api_key: XX)
- Sign-up as a new user from
/users/sign_up
. You should see a page with contentHelp us keep GitLab secure
and you will be asked to verify your email address. - You can find the verification code on http://127.0.0.1:3000/rails/letter_opener.
- Once verified, you should see the onboarding form. Try pressing the back button in your browser, it should still show you that your identity has been confirmed.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Hinam Mehra