Update identities email_verified on email signup
What kind of change does this PR introduce?
This PR fixes a bug where the email_verified field in the identities table is not updated when a user's email is confirmed. This change ensures that the email verification status is correctly reflected in the JWT.
What is the current behavior?
When the user gets an email confirmation link the GET /verify request is called. This goes through the verifyGet method which then calls the signupVerify method. There the AuditLogEntry is created, then the Confirm method on the user is called which updates the confirmation_token and email_confirmed_at, and also clears the OneTimeTokens for the user. However, the email_confirmed field on the identities table does not get updated to true.
#1620
What is the new behavior?
When a GET /verify request is called for a mail signup verification, the signupVerify method now updates the email_verified property to true on the identity_data field on the identities table
I think the same is happening for smsVerify and the respective phone_verified fields, do you want me to add this to this PR?
Feel free to add it, will give a thorough look to the PR when a slot frees up..
Pull Request Test Coverage Report for Build 9510681514
Details
- 5 of 15 (33.33%) changed or added relevant lines in 2 files are covered.
- No unchanged relevant lines lost coverage.
- Overall coverage decreased (-0.02%) to 57.588%
| Changes Missing Coverage | Covered Lines | Changed/Added Lines | % |
|---|---|---|---|
| internal/models/user.go | 3 | 5 | 60.0% |
| internal/api/verify.go | 2 | 10 | 20.0% |
| <!-- | Total: | 5 | 15 |
| Totals | |
|---|---|
| Change from base Build 9487645421: | -0.02% |
| Covered Lines: | 8663 |
| Relevant Lines: | 15043 |
💛 - Coveralls
hi @janekwunderlich, thanks for pointing this out and contributing! i've made an update and also added tests in this PR
hi @janekwunderlich, thanks for pointing this out and contributing! i've made an update and also added tests in this PR
Thanks for fixing this. I have closed this PR. I think the same issue might exist with phone verification if you want to take a look at that.