auth icon indicating copy to clipboard operation
auth copied to clipboard
verified publisher icon supabase

Update identities email_verified on email signup

Open janekwunderlich opened this issue 1 year ago • 4 comments

What kind of change does this PR introduce?

This PR fixes a bug where the email_verified field in the identities table is not updated when a user's email is confirmed. This change ensures that the email verification status is correctly reflected in the JWT.

What is the current behavior?

When the user gets an email confirmation link the GET /verify request is called. This goes through the verifyGet method which then calls the signupVerify method. There the AuditLogEntry is created, then the Confirm method on the user is called which updates the confirmation_token and email_confirmed_at, and also clears the OneTimeTokens for the user. However, the email_confirmed field on the identities table does not get updated to true.

#1620

What is the new behavior?

When a GET /verify request is called for a mail signup verification, the signupVerify method now updates the email_verified property to true on the identity_data field on the identities table

janekwunderlich avatar Jun 13 '24 07:06 janekwunderlich

I think the same is happening for smsVerify and the respective phone_verified fields, do you want me to add this to this PR?

janekwunderlich avatar Jun 14 '24 04:06 janekwunderlich

Feel free to add it, will give a thorough look to the PR when a slot frees up..

J0 avatar Jun 14 '24 12:06 J0

Pull Request Test Coverage Report for Build 9510681514

Details

  • 5 of 15 (33.33%) changed or added relevant lines in 2 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.02%) to 57.588%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/models/user.go 3 5 60.0%
internal/api/verify.go 2 10 20.0%
<!-- Total: 5 15
Totals Coverage Status
Change from base Build 9487645421: -0.02%
Covered Lines: 8663
Relevant Lines: 15043
💛 - Coveralls

coveralls avatar Jun 14 '24 12:06 coveralls

Hi,

Face this issue while working with Supabase auth. Any update on this?

Discord

bqrkhn avatar Jul 19 '24 16:07 bqrkhn

hi @janekwunderlich, thanks for pointing this out and contributing! i've made an update and also added tests in this PR

kangmingtay avatar Dec 11 '24 09:12 kangmingtay

hi @janekwunderlich, thanks for pointing this out and contributing! i've made an update and also added tests in this PR

Thanks for fixing this. I have closed this PR. I think the same issue might exist with phone verification if you want to take a look at that.

janekwunderlich avatar Dec 20 '24 21:12 janekwunderlich