Custom email confirmation by code verification
What does this MR do and why?
Replace Devise’s confirmation email and confirmation mechanism with our own custom implementation by verifying a 6-digit code.
This is the first phase of the barriers to entry epic and shown to users with a low risk profile.
Issue: https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/55
Screenshots or screen recordings
Click to expand
How to set up and validate locally
- In rails console enable the feature flag and disable the
require_admin_approval_after_user_signup
and enable thesend_user_confirmation_email
application settings:Feature.enable(:identity_verification) ApplicationSetting.first.update(require_admin_approval_after_user_signup: false) ApplicationSetting.first.update(send_user_confirmation_email: true)
- Visit
http://localhost:3000
, logout and create a new user - Visit
http://localhost:3000/rails/letter_opener
and copy the code from the email - Fill in the code on the code verification page
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Alex Buijs