Skip to content

Add additional step for unlocking account #5788

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add additional step for unlocking account #5788

wants to merge 1 commit into from

Conversation

TomGibbon
Copy link

@TomGibbon TomGibbon commented Aug 8, 2025
edited
Loading

Some email clients automatically visit links inside of emails to check that the link isn't malware. This can cause the GET resource/unlock?unlock_token=abcdef link to be visited almost instantly for some users when the unlock_strategy is set to :email or :both, which unlocks the user and effectively causes the lockable process to do nothing.

This PR adds an extra_step config varaible, which when set to true will cause the original GET resource/unlock?unlock_token=abcdef link to render a new page, keeping the resource locked. This new page contains a different link (GET resource/unlock/confirm?unlock_token=abcdef), which when clicked will unlock the resource. When extra_step is false, the app will behave as normal.

Fixes issue: #5342

@TomGibbon TomGibbon force-pushed the unlock_resource_two_steps branch from e4b1c79 to c09e217 Compare August 11, 2025 08:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@TomGibbon