Add verified_at timestamp to use for spam prevention
User are marked as verified after a join code is redeemed. The user is redirected to Users::VerificationsController, either: - after submitting a valid magic link code, - or immediately after redeeming the join code (if they're already authenticated with the correct identity) Account owners are automatically verified when the account is created (because they have already provided a magic link code at that point). This sets up for later commits that will backfill existing users and require verification before sending notification emails. Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -36,7 +36,7 @@ class JoinCodesControllerTest < ActionDispatch::IntegrationTest
|
||||
end
|
||||
|
||||
assert_redirected_to session_magic_link_url(script_name: nil)
|
||||
assert_equal new_users_join_url(script_name: @account.slug), session[:return_to_after_authenticating]
|
||||
assert_equal new_users_verification_url(script_name: @account.slug), session[:return_to_after_authenticating]
|
||||
end
|
||||
|
||||
test "create for existing identity" do
|
||||
@@ -55,7 +55,7 @@ class JoinCodesControllerTest < ActionDispatch::IntegrationTest
|
||||
assert_redirected_to landing_url(script_name: @account.slug)
|
||||
end
|
||||
|
||||
test "create for signed-in identity without a user in the account redirects to user setup" do
|
||||
test "create for signed-in identity without a user in the account redirects to verification" do
|
||||
identity = identities(:mike)
|
||||
sign_in_as :mike
|
||||
|
||||
@@ -67,6 +67,6 @@ class JoinCodesControllerTest < ActionDispatch::IntegrationTest
|
||||
end
|
||||
end
|
||||
|
||||
assert_redirected_to new_users_join_url(script_name: @account.slug)
|
||||
assert_redirected_to new_users_verification_url(script_name: @account.slug)
|
||||
end
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user